simo s@ssimo.org writes:
> sandbox -X runs everything into a nested X server (Xephyr here) run explicitly for the application, so that the app does not have direct access to the outer X server.
Interesting, I'd like to try that out and evaluate its security and usability. I can't find "sandbox" binary in Debian, is it perhaps under some other name or should I build it from source?
> Although there was a feature (XACE) to make the X server more secure I do not think it ever worked well enough. I think the only good solution will be to use wayland once it is good enough. Its model isolates each process and is much better from a security pov from what I've been told so far.
Indeed. The only working models that I have seen are Qubes OS and just using xpra/vnc with virtual machine/another user.
-Timo
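The nested-X approach simo describes, as an added example written for this thread (not the sandbox tool's own code): a POSIX shell script that picks a free display number, starts a private Xephyr server with its own authority file, and runs the application with DISPLAY pointed at the nested server so it never holds the outer display's cookie. It assumes Xephyr and xauth are installed and that the X socket directory is the conventional /tmp/.X11-unix; the socket directory is a parameter of the display-picking helper only so that part can be exercised without an X server.

```shell
#!/bin/sh
# Added example: run a program inside a nested Xephyr server (assumes Xephyr
# and xauth are installed; not the sandbox tool's own code).

# Print the lowest display number >= $1 whose X11 socket does not exist.
# $2 is the socket directory (default /tmp/.X11-unix), parameterised so the
# helper can be checked against a constructed directory.
pick_free_display() {
    n=${1:-10}
    sockdir=${2:-/tmp/.X11-unix}
    while [ -e "$sockdir/X$n" ]; do
        n=$((n + 1))
    done
    echo "$n"
}

# Start Xephyr on a free display with a freshly generated MIT-MAGIC-COOKIE-1
# and run "$@" inside it. The app sees only the nested server: its DISPLAY and
# XAUTHORITY point at Xephyr, so it cannot snoop or inject input on the outer
# display; Xephyr itself is the only client of the outer server.
run_nested_x() {
    disp=$(pick_free_display 10)
    auth=$(mktemp)
    trap 'rm -f "$auth"' EXIT
    cookie=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
    xauth -q -f "$auth" add ":$disp" MIT-MAGIC-COOKIE-1 "$cookie"

    Xephyr ":$disp" -auth "$auth" -screen 1024x768 -nolisten tcp &
    xephyr_pid=$!

    # Wait (up to ~10 s) for the nested server's socket to appear.
    i=0
    while [ ! -e "/tmp/.X11-unix/X$disp" ] && [ "$i" -lt 10 ]; do
        sleep 1
        i=$((i + 1))
    done
    if [ ! -e "/tmp/.X11-unix/X$disp" ]; then
        echo "Xephyr did not come up on :$disp" >&2
        kill "$xephyr_pid" 2>/dev/null
        return 1
    fi

    # Only the nested display and its private cookie are handed to the app.
    env DISPLAY=":$disp" XAUTHORITY="$auth" "$@"
    status=$?
    kill "$xephyr_pid" 2>/dev/null
    return "$status"
}
```

Usage: source the script and call `run_nested_x xterm` (or any X client). Note the limits the thread already hints at: this isolates the app from the outer X server's other clients, but the app still shares the kernel, filesystem and network with the rest of the session, and the Xephyr window itself is an ordinary client of the outer display.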