You are not logged in.

#1 2012-08-04 21:31:55

andershp
Member
From: Denmark
Registered: 2012-07-10
Posts: 4

Isolate / sandbox java applet

Hello, I am new at Arch Linux and I only have some basic experience with linux in general so bear with me.

I want to isolate / sandbox a java applet running in firefox, but I can't figure out which way is the most simple and effective way to do it. I've heard and read a bit about SELinux, chroot and sandfox, thought I haven't used any of these yet. I want to sandbox this specific applet because of security and privacy issues to insure that the applet can't acces or write personal data.

I have also considered using a virtual machine, but I find that too inconvinient for this situation.

What would you recommend?

Thanks

Offline

#2 2012-08-06 18:27:20

zkai
Member
Registered: 2012-08-06
Posts: 2

Re: Isolate / sandbox java applet

JVM is a virtual machine. With a policy file you can just about restrict every resource you could want to for anything that run in the jvm.

Policy Tool
http://docs.oracle.com/javase/1.4.2/doc … ytool.html
Description and Use of Policy
http://docs.oracle.com/javase/7/docs/te … Files.html
Even Some more.
http://docs.oracle.com/javase/6/docs/te … urity.html

Offline

Board footer

Powered by FluxBB