Would be curious to know if Eloston & wchen342 think running UG in (a well-configured) firejail would provide another layer of protection (between attacker & your filesystem) in the case of chromium 0-days.
:point_up: Edit: Would be curious to know if Eloston & wchen342 think running UG in (a well-configured) firejail or bubblewrap would provide another layer of protection (between attacker & your filesystem) in the case of chromium 0-days.
The topic can be expanded all the way to pages, and it is not a "right vs. wrong" thing. Some very quick points being: 1. bubblewrap is better in terms of security, failjail has better usability; 2. Like flatpak, failjail needs to be set-up correctly otherwise it's a placebo; 3. Linux desktop is inherently insecure, thus Qubes. However security is usually not the first priority in the choice of using Linux; 4. It is kind of unfair to blame flatpak because packages set their own permissions; it can be improved probably with a permission whitelist like Android but that's a design choice.
wchen342: I haven't hardened the permissions too much in an effort to reduce bug reports related to broken functionality. By default I allow access to the read-write access to the home directory and all devices (webcam, GPU, etc)
You could use flatpak-override or a front-end to it like Flatseal to change that and harden it
hello this is probably a silly question but I am not a seasoned chromium user.. how can I disable the home screen shortcuts from visited websites? I could not find any pertinent settings and am not sure how its persisting
I'm able to log in to my account, but when it loads teams it hangs on the load until it times out and gives a generic "We've encountered a problem". When I log in from browsers that work, it flips through about a half dozen URLs that it fetches. On UGC it stops after about the second. I wondered if it had to do with the auto-https when no transport method is specified, but that's just speculation.