Do Flatpak Chromium browsers offer sanboxed tab isolation?

due to zypak i find flatpak issue that sanbox cant be enabled.

Mh. Maybe I’m wrong, but I flatpaks are already sandboxed per se, then there is no point to use another sandbox. Apart technical reasons that I don’t know/understand.

From Project Discussion to Ask in Other Languages

Added flatpak and removed engineering

Can you please provide more information in your post @frankjunior ? If one has to read the issue to understand the basics of what you’re asking, you’re not going to get a lot of responses.

So: what exactly is the context? what are you trying to do? what is the issue? what is the specific query?

Edit: sorry, I put it in the wrong category!

1 Like

From Ask in Other Languages to Ask Fedora

sure i can explain this but still i recommend this to read it wont take a long as the discussion happen in may21 onward you need to observe

cromite is a cromium base browser which offers patchs from brave and inox and graphene projects vanadium and also ungoogled chromium patchs in a unmodified ui of the browser which provide a unmatched privacy and security.
This is a soft fork of bromite browser that was well known for this but recently i saw they are planing for a linux port to flathub flatpak and snap in future.
So this is realated to that

And read 3posts after that

1 Like

Added chromium, security

Thanks for the info.

Cromite is an Android Browser and the forked continuation of Bromite, which also served a Webview implementation in the past but is unmaintained.

It is a parralel effort to GrapheneOS’ Vanadium and often the recommended Browser on non-GrapheneOS Android (as Vanadium includes patches that may break regular Android, as only GrapheneOS has the patches).

To the Flatpak:

There are 2 kinds of sandboxes here. @ankursinha mentioned the bubblewrap sandbox of the browser process itself.

The browser and all its subprocesses are isolated using bubblewrap. The sandbox uses a seccomp filter, which is used to block certain syscalls.

This is good for security, but also prevents ALL flatpak apps from creating user-namespace sandboxes. These sandboxes are normally used by Firefox and Chromium for process isolation.

This process isolation also includes isolating the tabs.

Firefox just ALSO has another sandboxing way, seccomp-bpf. The flatpak just uses that, and they just assume its time, but I think its pretty crazy.

Chromium also use BPF for their tab sandbox and their sandbox is compatible with other ways, because they use the fork server zygote also used in Android for app isolation.

Zypak uses flatpak-spawn to isolate the child processes with bubblewrap.

This is kind of experimental, but should not be an issue.

Zypak is not compatible with Firefox, because Firefox does not use a fork server yet. They are said to work on one.

But all flatpak apps can use nested/stacked seccomp filters, to basically have sub-processes be more isolated than themselves.

It is complex, and it is safe to assume that Flatpak Firefox is less secure than Flatpak Chromium.

I wrote more about that here

I just fixed up a lot of nonsense I wrote in the past :slight_smile:

but as per them they abandoned the idea of flatpak due to this was not possible to snapbox.
i could not hep here as i dont have the knowledge about the flatpak

They can use zypak, just like all other Chromium browsers do. Brave is even official.

So what was the purpose of this post, and how does that relate to Fedora ? I see:

  • If you were looking for a We Browser with some kind of similar development you can check out Throium. Works in a toolbox if you want it to.

can you explain that to them.
what i understand from there discussion is faltpak packaging is not good

From Ask Fedora to The Water Cooler

According to this thread shipping Chromium in a Flatpak does weaken its sandbox.

Pls check the namespace structure of Flatpak’s Chromium vs the official native Chrome with lsns -T. You will see a noticable difference and weakened site isolation. The native Chrome namespace structure is more fine-grained. Thus leading to better horizontal isolation.