[tor-talk] Is there a way to use internet in a sandbox environment? (Linux)

blacklight447 at tutanota.com blacklight447 at tutanota.com
Wed Apr 3 06:42:34 UTC 2019 

You could also try to run whonix, which you can also use as a sort of sandbox.

Apr 2, 2019, 1:01 PM by npdflr at zoho.com:

> Hi Jim,
>
> Can you elaborate or give example on how to run a live CD/DVD for internet access.
>
> One has to install an OS on the CD/DVD and there needs to be some means for CD/DVD to access a network-specific firmware etc for using the internet, am I right?
>
>
>
>
>
> ---- On Sat, 30 Mar 2019 00:13:43 -0700 Jim <> jimmymac at copper.net <mailto:jimmymac at copper.net>> > wrote ----
>
>
>
> Ben Tasker wrote:
>
>>
>>
>> But don't, please, follow the suggestion of using root for routine
>>
>> non-internet tasks. You should use privileged accounts only when you
>>
>> actually require that level of privilege. Also keep in mind that while
>>
>> malware running as an unpriviliged user cannot (generally) hose the system,
>>
>> it can still steal/corrupt whatever data that user has access to. Unless
>>
>> this is a shared system, you probably care more about that data than the OS
>>
>> files themselves.
>>
>
>
>
> Ben is right about not using root for routine tasks.  But you can
>
> still follow your original idea by creating one or more
>
> *nonprivileged* accounts for non-internet tasks.  Even w/o using
>
> VMs you can block these accounts from *initiating* connections to
>
> the Internet with iptables rules.  If you set up permissions
>
> correctly, then so long as malware does not achieve root level
>
> privilege the information in these non-internet accounts should
>
> remain safe.  So you have a range of options from no VMs to fully
>
> isolated VMs on separate machines to running a live CD/DVD for
>
> internet access.
>
>
>
> HTH
>
>
>
> Jim
>
>
>
>
>
> -- 
>
> tor-talk mailing list - mailto:> tor-talk at lists.torproject.org <mailto:tor-talk at lists.torproject.org>
>
> To unsubscribe or change other settings go to
>
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
> -- 
> tor-talk mailing list - > tor-talk at lists.torproject.org <mailto:tor-talk at lists.torproject.org>
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
>

More information about the tor-talk mailing list