Why Firefox sandbox is not active?
I have tried to change sandbox level in firefox in about:config, but it doesn´t matter what level I set, I still have access to system files from the browser "file://" page, so that means that my files are exposed and sandbox it´s not restricting anything, right?. How could I solve it?. If I execute firefox with firejail the program crashes. I tried with Tor and the sandbox is working, so is not a problem with my OS, could I use the same configuration that Tor uses in firefox with some trick?. I´m in Linux Manjaro 4.19
Additional System Details
- Shockwave Flash 31.0 r0
- User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
This page describes what the different sandbox levels are supposed to do: https://wiki.mozilla.org/Security/Sandbox#Linux
What is the browser file:// page -- do you mean a directory listing or full path accessed from the address bar?
I should note that what you can access through the address bar isn't necessarily the same as what web content can access. However, I don't know the best way to test that.
Regarding Tor and opening local files, perhaps there is some unique code in Tor related to local files (other than sandbox)?
I mean the full path from the address bar. Actually, I was looking for a way to test that, I know that in Tor I can´t access some files which I can in Firefox (I think that Tor have a different sandbox system, but I´m not sure), but that´s not enough to know if Firefox is totally safe, I just know that PROBABLY, is not as safe as Tor regarding sandboxing.