Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why Firefox sandbox is not active?

more options

I have tried to change sandbox level in firefox in about:config, but it doesn´t matter what level I set, I still have access to system files from the browser "file://" page, so that means that my files are exposed and sandbox it´s not restricting anything, right?. How could I solve it?. If I execute firefox with firejail the program crashes. I tried with Tor and the sandbox is working, so is not a problem with my OS, could I use the same configuration that Tor uses in firefox with some trick?. I´m in Linux Manjaro 4.19

I have tried to change sandbox level in firefox in about:config, but it doesn´t matter what level I set, I still have access to system files from the browser "file://" page, so that means that my files are exposed and sandbox it´s not restricting anything, right?. How could I solve it?. If I execute firefox with firejail the program crashes. I tried with Tor and the sandbox is working, so is not a problem with my OS, could I use the same configuration that Tor uses in firefox with some trick?. I´m in Linux Manjaro 4.19

All Replies (2)

more options

This page describes what the different sandbox levels are supposed to do: https://wiki.mozilla.org/Security/Sandbox#Linux

What is the browser file:// page -- do you mean a directory listing or full path accessed from the address bar?

I should note that what you can access through the address bar isn't necessarily the same as what web content can access. However, I don't know the best way to test that.

Regarding Tor and opening local files, perhaps there is some unique code in Tor related to local files (other than sandbox)?

more options

I mean the full path from the address bar. Actually, I was looking for a way to test that, I know that in Tor I can´t access some files which I can in Firefox (I think that Tor have a different sandbox system, but I´m not sure), but that´s not enough to know if Firefox is totally safe, I just know that PROBABLY, is not as safe as Tor regarding sandboxing.