I take this to mean that you think they are rare, confirming a part of my assessment on the probability of risk. Since I cannot reply to your other comment, I will respond here. What proportion of Firefox-Linux users do…
> It's hard to overstate how much of a benefit this is in terms of security for those on Linux. I assumed you talked about "those on Linux", not "those on Linux who have non-negligible probability of being targeted by…
We are talking about users of the Linux operating system. Many of them do know what a VM is. If they don't, or if they expect to be able to run untrusted programs willy nilly, then the benefit of Firefox doing this is,…
By the probability of this risk scenario (visit evil.com, be the victim of a successful RCE, with a particular method of privilege escalation that somehow gets all the right details to work) it sure looks to me like you…
In the common scenario of a single user, on a single user machine, running programs under his uid, the benefit is basically zero. If such a user wants to run untrusted programs, he'd use a virtual machine anyway. So, I…
I take this to mean that you think they are rare, confirming a part of my assessment on the probability of risk. Since I cannot reply to your other comment, I will respond here. What proportion of Firefox-Linux users do…
> It's hard to overstate how much of a benefit this is in terms of security for those on Linux. I assumed you talked about "those on Linux", not "those on Linux who have non-negligible probability of being targeted by…
We are talking about users of the Linux operating system. Many of them do know what a VM is. If they don't, or if they expect to be able to run untrusted programs willy nilly, then the benefit of Firefox doing this is,…
By the probability of this risk scenario (visit evil.com, be the victim of a successful RCE, with a particular method of privilege escalation that somehow gets all the right details to work) it sure looks to me like you…
In the common scenario of a single user, on a single user machine, running programs under his uid, the benefit is basically zero. If such a user wants to run untrusted programs, he'd use a virtual machine anyway. So, I…