Datasäkerhet och Informationssäkerhet

Robert Malmgren AB

“Trust is good, control is better.”

a blog about unixy stuff and so on


Ironfox now backported to 10.5 and some info about firefox 4

Ok, i haven't blogged in a while, and not updated on Ironfox either. The good news is that i have been bussy. The wrapper have been completly rewritten which will reduce startup time (marginaly probably), and there are now graphical error messages that will pop up if ironfox is unhappy about something. Hopefully you won't notice that :-)

But the biggest news is probably that ironfox have been backported to run on macosx 10.5. Now we need testers. lots of them. The software will be released this week. This and the possibility to add a list of directories that should be allowed for reading and writing are probably the only user visible changes.

Apart from that, ironfox have been tested internaly with firefox4 and if nothing dramatic happens, ironfox with ff4 support will be released the same day as firefox4. The reason that ironfox needs to be updated is because of mozillas new plugin architecture. As each plugin runs in its own separate pluginwrapper, ironfox needs to allow firefox to spawn that process. The good news for us security geeks is that we can contrain the plugins in their own sandbox. This means that even if you allow firefox to write files to your desktop, you don't necessarly need to allow flash to have those rights. Hopefully this will make it much harder to own the browser, as attack vectors get reduced from plugin to plugin ipc with browser :-)