[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#42996: icecat can escape from `guix environment --container`
From: |
Leo Famulari |
Subject: |
bug#42996: icecat can escape from `guix environment --container` |
Date: |
Sun, 23 Aug 2020 12:45:33 -0400 |
On Sun, Aug 23, 2020 at 06:18:49PM +0800, luhux wrote:
> I am using guix environment --container to isolate some programs that
> are prone to leak information. guix environment --container works well
> in freerdp and other programs until I use guix environment --container
> to containerize icecat,
More comprehensive reproduction:
$ guix environment --container --share=/tmp/.X11-unix --ad-hoc icecat
[env]$ export DISPLAY=":0.0"
[env]$ icecat
The browser has no fonts but, with careful typing, I was able to open a
text file in my home directory.
signature.asc
Description: PGP signature