[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#42996: icecat can escape from `guix environment --container`

From: Julien Lepiller
Subject: bug#42996: icecat can escape from `guix environment --container`
Date: Sun, 23 Aug 2020 11:38:47 -0400
User-agent: K-9 Mail for Android

One possibility is that you're seeing the virtual root filesystem, that thwuld only have a few direccories and the structure up to the directory you created your container in. Are you sure you can access files outside of the directory you started icecat in?

Another possiblity is that you had a running icecat outside of the container. In that case, calling icecat from tge container only opens a new window in the un-containerized icecat. Could it be what's happening?

Le 23 août 2020 06:18:49 GMT-04:00, luhux <luhux@outlook.com> a écrit :
I am using guix environment --container to isolate some programs that are prone to leak information. guix environment --container works well in freerdp and other programs until I use guix environment --container to containerize icecat,

Steps to reproduce:

guix environmnt --container (...some options...) --ad-hoc icecat

Select the address bar and write:'file://' and then access, icecat can still access the content outside the container.

Please forgive me for some inappropriate words. My English is not very good.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]