Tinnes: Introducing Chrome’s Next-Generation Linux Sandbox


Julien Tinnes describes the new sandbox mechanism for the Chrome browser under Linux. “In a similar, but very limited, fashion, this is what we have now in Chrome: we stacked the seccomp-bpf sandbox on top of the setuid sandbox. The setuid sandbox gives a few easy to understand semantic properties: no file system access, no process access outside of the sandbox, no network access. It makes it much easier to layer a seccomp-bpf sandbox on top.”

Read more at LWN