I have to laugh when security-conscious people think their browser is secure. I use TTY almost exclusively. But for a minimal desktop one should really look into stumpwm.
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
If 90% of your activity is in the browser, then even if your sandbox was 100% isolated from other processes, 90% of your activity is still exposed, no?
And why are you confident in sandboxing? Just like in real life, it is only a rudimentary defence.
Every browser tab has its own sandboxed process. And to top it off, at least in Chrome every site (second-level domain) and iframe has its own sandboxed process.
Nice list. Now you need an RCE exploit and a chained breakout exploit, though. That's a lot of cash.
Given this and that the process isolation also protects against Meltdown/Spectre-type attacks, I think we can agree that this type of fine-grained sandboxing is a requirement for secure software, no?
However, next to no software is using fine-grained sandboxing. Off the top of my head only qmail, djbdns and gatling come to mind, none of them are for end-users.
So what end-user software does actually approach or surpass browsers in this regard?
Then let's not pretend that a browser is sufficiently secure for people considering using OpenBSD. Given the fact that by its nature a browser runs untrusted, unreviewed code on your device, it does a pretty good job of making it difficult to exploit, but it is irresponsible to say that its sandboxing can't be bypassed when clearly it can.