Comments

• 

  2 months ago by dfaggioli | Reply

  Sounds interesting. Tools like toolbox (https://github.com/openSUSE/microos-toolbox) and distrobox (https://github.com/89luca89/distrobox) achieve something like that. In fact, they do achieve the goal of running a browser (as well as pretty much any GUI app) from inside a container. They, however, are not meant for providing strong isolation (if any real "strong" isolation can even be provided with containers), so a lot of the host is shared inside of the container.

  This, of course, can be changed/restricted. Those project are not really interested in turning themselves into strong sandboxing solutions, but maybe they can be looked up, to take inspiration.

  For more information, see: https://github.com/89luca89/distrobox/issues/28 and/or: https://github.com/openSUSE/microos-toolbox/blob/master/toolbox#L197

  Note also that there are other similar tools (like Silverblue tlbox, written in Go instead than in bash), that it could be interesting to check.

×
Edit Comment 6670
# A First Level Header
## A Second Level Header

Use one asterisk to *emphasize*

Use two asterisks for **strong emphasis**

* Use asterisks
* for lists

This is an [example link](http://example.com/)

This is an ![example image](http://paste.opensuse.org/view/raw/68957446)

This is a user link @hans

This is a project link hw#some-cool-title
More Complex Markdown Help
Formatting Help
• Edit
• Preview
Sounds interesting. Tools like toolbox (https://github.com/openSUSE/microos-toolbox) and distrobox (https://github.com/89luca89/distrobox) achieve something like that. In fact, they do achieve the goal of running a browser (as well as pretty much any GUI app) from inside a container. They, however, are not meant for providing strong isolation (if any real "strong" isolation can even be provided with containers), so a lot of the host is shared inside of the container. This, of course, can be changed/restricted. Those project are not really interested in turning themselves into strong sandboxing solutions, but maybe they can be looked up, to take inspiration. For more information, see: https://github.com/89luca89/distrobox/issues/28 and/or: https://github.com/openSUSE/microos-toolbox/blob/master/toolbox#L197 Note also that there are other similar tools (like Silverblue tlbox, written in Go instead than in bash), that it could be interesting to check.
 
×
Reply to dfaggioli
Sounds interesting. Tools like toolbox (https://github.com/openSUSE/microos-toolbox) and distrobox (https://github.com/89luca89/distrobox) achieve something like that. In fact, they do achieve the goal of running a browser (as well as pretty much any GUI app) from inside a container. They, however, are not meant for providing strong isolation (if any real "strong" isolation can even be provided with containers), so a lot of the host is shared inside of the container.
This, of course, can be changed/restricted. Those project are not really interested in turning themselves into strong sandboxing solutions, but maybe they can be looked up, to take inspiration.
For more information, see: https://github.com/89luca89/distrobox/issues/28 and/or: https://github.com/openSUSE/microos-toolbox/blob/master/toolbox#L197
Note also that there are other similar tools (like Silverblue tlbox, written in Go instead than in bash), that it could be interesting to check.
---
# A First Level Header
## A Second Level Header

Use one asterisk to *emphasize*

Use two asterisks for **strong emphasis**

* Use asterisks
* for lists

This is an [example link](http://example.com/)

This is an ![example image](http://paste.opensuse.org/view/raw/68957446)

This is a user link @hans

This is a project link hw#some-cool-title
More Complex Markdown Help
Formatting Help
• Edit
• Preview
 
• 

  about 2 months ago by nguyens | Reply

  Thanks a lot Dario! It worked out with a few tweaks to provide access to the X server and the DRI device files.

  • 

    11 days ago by dfaggioli | Reply

    Mmm... Cool and interesting! Can I ask you which tricks?

  ×
  Edit Comment 7199
  # A First Level Header
  ## A Second Level Header
  
  Use one asterisk to *emphasize*
  
  Use two asterisks for **strong emphasis**
  
  * Use asterisks
  * for lists
  
  This is an [example link](http://example.com/)
  
  This is an ![example image](http://paste.opensuse.org/view/raw/68957446)
  
  This is a user link @hans
  
  This is a project link hw#some-cool-title
  
  More Complex Markdown Help
  Formatting Help
  • Edit
  • Preview
  Mmm... Cool and interesting! Can I ask you which tricks?
   
  ×
  Reply to dfaggioli
  Mmm... Cool and interesting! Can I ask you which tricks?
  ---
  # A First Level Header
  ## A Second Level Header
  
  Use one asterisk to *emphasize*
  
  Use two asterisks for **strong emphasis**
  
  * Use asterisks
  * for lists
  
  This is an [example link](http://example.com/)
  
  This is an ![example image](http://paste.opensuse.org/view/raw/68957446)
  
  This is a user link @hans
  
  This is a project link hw#some-cool-title
  
  More Complex Markdown Help
  Formatting Help
  • Edit
  • Preview
   
×
Edit Comment 6836
# A First Level Header
## A Second Level Header

Use one asterisk to *emphasize*

Use two asterisks for **strong emphasis**

* Use asterisks
* for lists

This is an [example link](http://example.com/)

This is an ![example image](http://paste.opensuse.org/view/raw/68957446)

This is a user link @hans

This is a project link hw#some-cool-title
More Complex Markdown Help
Formatting Help
• Edit
• Preview
Thanks a lot Dario! It worked out with a few tweaks to provide access to the X server and the DRI device files.
 
×
Reply to nguyens
Thanks a lot Dario! It worked out with a few tweaks to provide access to the X server and the DRI device files.
---
# A First Level Header
## A Second Level Header

Use one asterisk to *emphasize*

Use two asterisks for **strong emphasis**

* Use asterisks
* for lists

This is an [example link](http://example.com/)

This is an ![example image](http://paste.opensuse.org/view/raw/68957446)

This is a user link @hans

This is a project link hw#some-cool-title
More Complex Markdown Help
Formatting Help
• Edit
• Preview