Is sandbox active on Linux?

linux

#1

I’m using Brave on archlinux, installed through the AUR (brave-bin).

When looking at the system monitor, I see a bunch of brave processes with a “–no-sandbox” flag.
But when I check with the following command:
ps aux | grep chrome-sandbox
user 10293 0.0 0.0 10788 2224 pts/0 S+ 12:41 0:00 grep --colour=auto chrome-sandbox
there’s actually a sandbox running…

So in this case is Brave running inside a sandbox or not?
If not, how to enable or make sure the sandbox is working?

Thanks


#2

Please follow the steps mentioned here


#3

Alternatively, you can install firejail and run Brave within firejail :smiley:
I would trust this more than the browser’s “sandbox”


#4

not working on archlinux, there’s no “procps” service to restart.
the linked instructions are debian/ubuntu specific.

don’t understand why chromium runs sandboxes but brave requires some changes to the kernel or system service config, can’t this be done the way chromium does?


#5

cc: @yan for comments


#6

I have the same problem. I uninstalled this browser in Linux because if no sandbox the browser is not safe


#7

Note from the team

There will be no support for the old chromium sandbox since chromium is removing it in the future


#8

So, if there’s no support for the old Chromium sandbox, what’s the alternative to get Brave to startup on linux?


#9

So 7 months later still nothing new on this?

I’d love to use brave but with no sandbox its not possible, it’s the minimum security standard these days for a browser, which is the #1 attack vector.