emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#42996: closed (icecat can escape from `guix environment --container`

From: GNU bug Tracking System
Subject: bug#42996: closed (icecat can escape from `guix environment --container`)
Date: Mon, 24 Aug 2020 11:18:02 +0000 
Your message dated Mon, 24 Aug 2020 07:17:02 -0400
with message-id <1E77B891-9ACA-41A9-93C8-BDA74232AAB5@lepiller.eu>
and subject line Re: bug#42996: icecat can escape from `guix environment 
--container`
has caused the debbugs.gnu.org bug report #42996,
regarding icecat can escape from `guix environment --container`
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
42996: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=42996
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: icecat can escape from `guix environment --container` Date: Sun, 23 Aug 2020 18:18:49 +0800 
I am using guix environment --container to isolate some programs that are prone 
to leak information. guix environment --container works well in freerdp and 
other programs until I use guix environment --container to containerize icecat,

Steps to reproduce:

guix environmnt --container (...some options...) --ad-hoc icecat

Select the address bar and write:'file://' and then access, icecat can still 
access the content outside the container.

Please forgive me for some inappropriate words. My English is not very good.

luhux

--- End Message ---
--- Begin Message --- Subject: Re: bug#42996: icecat can escape from `guix environment --container` Date: Mon, 24 Aug 2020 07:17:02 -0400 User-agent: K-9 Mail for Android Then, closing. Thank you :)

Le 23 août 2020 21:15:55 GMT-04:00, luhux <luhux@outlook.com> a écrit :
On Sun, Aug 23, 2020 at 11:38:47AM -0400, Julien Lepiller wrote:
One possibility is that you're seeing the virtual root filesystem, that thwuld only have a few direccories and the structure up to the directory you created your container in. Are you sure you can access files outside of the directory you started icecat in?

Another possiblity is that you had a running icecat outside of the container. In that case, calling icecat from tge container only opens a new window in the un-containerized icecat. Could it be what's happening?


It is my fault.

The icecat in the container is connected to the icecat outside the container, and then a new window is opened using the icecat outside the container

Close the icecat outside the container, and then open the icecat inside the container, everything is correct.

The problem is solved, thank you very much.

luhux

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]