Hi, I was using firefox within sandboxes for a while without perm. home directory. To store bookmarks, addons and so on, I started to use perm. homedir (-H). Because firefox does not allow multiple concurrent sessions (lock on .mozilla) it is not possible to open multiple websites when specifying the same sandbox homedir, hence I'm looking for a possibility to open new websites within a running sandbox from outside. Without sandboxes everyone can open new websites in a running firefox instance using: firefox -remote "openurl(http://www.mozilla.org)" sandbox scenario: 1. step: start firefox: sandbox -X -H homedir -T tempdir -t sandbox_web_t -l s0:c100,c100 firefox 2. step: sandbox -H homedir -T tempdir -t sandbox_web_t -l s0:c100,c100 firefox -remote "openurl(http://www.mozilla.org)" My current attempts fail because I'm unable use the '-l' option (#632377) but would the policy allow the 'firefox -remote' command if type and security level matches with the already running sandbox? kind regards, Christoph
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
