Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 24

Thread: Best way to virtualize Thunderbird/mail client

  1. #11
    Join Date
    Oct 2006
    Location
    hong kong,sydney,auckland
    Beans
    198
    Distro
    Xubuntu 22.04 Jammy Jellyfish

    Re: Best way to virtualize Thunderbird/mail client

    Unless I misunderstand you host and guest are on the same machine.

    fwiw, and as another option,
    I run multiple VMs at the same time on different virtual desktops,
    accessing their desktops via virt-viewer,
    switching between them / their virtual desktops with a mouse roll.

    Two of these VMs have Thunderbird clients accessing different classes of email.
    The VMs are clones so easy to set up as many as I need.

    Was fast under Virtualbox and is equally fast under virt-viewer/libvirt/qemu/kvm.
    Last edited by undecidable; 1 Week Ago at 07:12 AM.

  2. #12
    Join Date
    May 2024
    Beans
    Hidden!

    Re: Best way to virtualize Thunderbird/mail client

    Quote Originally Posted by TheFu View Post
    I don't see how thunderbird in a firejail can break out.
    Firejail is a setuid-root program. An exploit of it is going to lead to existential consequences.

    https://www.cvedetails.com/vulnerabi...-Firejail.html

    A capable adversary literally just has to send you an email (you don't even have to open or interact with it) to get root on your system.

    So I basically want to isolate and containerize all such programs which receive and execute untrusted code from strangers all day.

    I just can't figure out why the performance of X over SSH on localhost is so miserable.

  3. #13
    Join Date
    Aug 2016
    Location
    Wandering
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: Best way to virtualize Thunderbird/mail client

    Not to argue here, and I just can't imagine that exploit as an easy task by an attacker, seems to me you would at some point have to help the attacker.
    Exploit prediction scoring system (EPSS) score for CVE-2022-31214

    Probability of exploitation activity in the next 30 days: 0.04%

    Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 %
    A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.
    My version seems to be fixed: firejail --version
    firejail version 0.9.72

    Please Note, I don't use Thunderbird personally.
    I do understand your concerns though. I kind of subscribe to "Do I feel safe enough" knowing all the while nothing is bullet proof.
    I also run heavy security audits bi-monthly.

    But I wish I could help with your performance over X.

    Interesting Thread please keep us updated.
    Last edited by 1fallen; 1 Week Ago at 04:19 PM.
    With realization of one's own potential and self-confidence in one's ability, one can build a better world.
    Dalai Lama>>
    Code Tags | System-info | Forum Guide lines | Arch Linux, Debian Unstable, FreeBSD

  4. #14
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Best way to virtualize Thunderbird/mail client

    Quote Originally Posted by currentshaft View Post
    Firejail is a setuid-root program. An exploit of it is going to lead to existential consequences.

    https://www.cvedetails.com/vulnerabi...-Firejail.html

    A capable adversary literally just has to send you an email (you don't even have to open or interact with it) to get root on your system.

    So I basically want to isolate and containerize all such programs which receive and execute untrusted code from strangers all day.

    I just can't figure out why the performance of X over SSH on localhost is so miserable.
    localhost? That seems like it wouldn't work. Every VM has a different idea about "localhost". 127.x.x.x/8 is localhost, by definition.

    Since I've been running my own email servers 25+ yrs, I doubt any badness will arrive. My gateway blocks emails from huge parts of the world. I never see them. Sometimes that can cause problems. Usually less than 1-2 times a year. Last week, a contractor send a proposal for work using a 3rd party email that I had gotten nasty spam messages through about 5 yrs ago. Back then, I blocked all emails from that domain. A slight hassle for them and for me, but we worked it out. That's before the email even hits my email server. Then my clients are setup to only show 7-bit ASCII, so anything else, especially HTML/mime email just shows up blank. The SMTP standards REQUIRE 7-bit ASCII as the main email and allow for attachments.

    A few minutes ago, I saw a spam email for watches ... from 103.70.114.0/23 MOZ TECHNOLOGY JOINT STOCK COMPANY. That domain is in Vietnam. Blocked now through an ipset rule. I never expect to deal with them ... ever. They allowed a client to become a spammer. 1 time, is too many.

    Anyway, I've never been hacked via email. Not once. But I don't open attachments, especially PDF files, unless they are expected.

    My mother was hacked through an email message on WinXP. The spearfishing targeted her perfectly. New Baby Photos from a granddaughter's email who just had a baby less than a week earlier. No mother/grandmother could have resisted opening that email or the attachments. She knew immediately that something was wrong and pulled the power cord from the wall. It was too late. I moved her to Linux a few months later. She had great fear of Linux because she'd seen my minimal desktop. For 10+ yrs before, I'd had her using Firefox, thunderbird, and OpenOffice already, so it was less about a new OS and more about seeing the same applications she'd been using already. Afterwards, she was running Ubuntu with LXDE and the icons for her programs on the side-bar. Additionally, I setup constant backups (hourly via Back-in-Time) and weekly off-site pulled backups to my home for the most critical stuff. There were a few MS-Windows-only programs, which we solved with an App Window into a VM. She didn't need to know anything about a hypervisor.

    We also moved her email from the ISP over to a domain run by a brother-in-law. My family has a number of computer nerds with admin experience.

  5. #15
    Join Date
    May 2024
    Beans
    2

    Re: Best way to virtualize Thunderbird/mail client

    I just created an account to reply: I'm trying to achieve the same as currentshaft : Not for myself, but for an office full of cavemen with zero tech knowledge. They've already been hacked through malicious emails, and even if they attend a thousand courses on good computer practices I won't sleep well...
    Virtualizing email client and making them remotely use it seems a nice way to keep nastiness contained.

  6. #16
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Best way to virtualize Thunderbird/mail client

    For cavemen,
    • No attachments.
    • 7-bit ASCII email only. No MIME attachments.

    Period.

  7. #17
    Join Date
    May 2024
    Beans
    Hidden!

    Re: Best way to virtualize Thunderbird/mail client

    Quote Originally Posted by TheFu View Post
    For cavemen,
    • No attachments.
    • 7-bit ASCII email only. No MIME attachments.

    Period.
    That won't prevent thunderbird, or frankly most software made to executed untrusted code, from getting owned.

    Like I said, a skilled adversary needs only to send you an email message - you do not even have to open or click on anything in it to get owned.

    By the way, I'm doing this on a 4K display (2880x1800 resolution) - perhaps that explains the awful X11 SSH forwarding performance? If I scale the window down to be barely legible, it performs much better

  8. #18
    Join Date
    Aug 2016
    Location
    Wandering
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: Best way to virtualize Thunderbird/mail client

    Quote Originally Posted by TheFu View Post
    For cavemen,
    • No attachments.
    • 7-bit ASCII email only. No MIME attachments.

    Period.
    +1 Period
    With realization of one's own potential and self-confidence in one's ability, one can build a better world.
    Dalai Lama>>
    Code Tags | System-info | Forum Guide lines | Arch Linux, Debian Unstable, FreeBSD

  9. #19
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Best way to virtualize Thunderbird/mail client

    Quote Originally Posted by currentshaft View Post
    That won't prevent thunderbird, or frankly most software made to executed untrusted code, from getting owned.

    Like I said, a skilled adversary needs only to send you an email message - you do not even have to open or click on anything in it to get owned.
    Do you have a link for this attack on Linux? I've never heard nor seen it.
    On Android and iPhones, where we don't have control, I can see it and on MS-Windows where they have MS-DOS and Win3 image handling complete with bugs, I can see it happening, but not in Linux. I've searched and find nothing.

    How can an email own a system when the client is running as a normal user? To that, I'd say stop using root for email.

    Now, if someone clicks a link in a message or opens an attachment, then I can see owning the account, but not the system.

  10. #20
    Join Date
    May 2024
    Beans
    Hidden!

    Re: Best way to virtualize Thunderbird/mail client

    Quote Originally Posted by TheFu View Post
    How can an email own a system when the client is running as a normal user? To that, I'd say stop using root for email.
    By processing documents and code crafted to trigger vulnerabilities leading to privilege escalation and remote code execution.

    The root boundary on Linux is trivial to cross and provides very little security guarantees.

    As for examples of zero click payloads, they are rare since most are used by advanced capable threat actors, however you can look up "Sophail" research to see one. Now, that was against a anti-virus program, but it was also 10+ years ago - attackers have been more capable, and software has only gotten worse.
    Last edited by Frogs Hair; 5 Days Ago at 12:12 AM. Reason: Language Filter

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •