On Wed, 21 Sep 2016 21:51:10 +0000 Yawning Angel yawning@schwanenlied.me wrote:
There shouldn't be anything stopping people from using a nested X solution with sandboxed-tor-browser, since it honors DISPLAY and writes out a new ~/.Xauthority in the sandbox tmpfs, as long as the secondary X server puts the AF_LOCAL socket in the traditional location under /tmp.
Yep, Xephyr "just works", assuming you make sure to add a `MIT-MAGIC-COOKIE-1` credential for it to the Xauthority file. For convenience I added an option to the config file to override the DISPLAY env var that sandboxed processes see.
It works ok, but isn't for me, because copy and paste between the parent and nested X session is a huge pain.
I briefly considered adding an option to auto-start the nested X server, but certain aspects of the Firefox UI break without an window manager.
Regards,