[Pkg-chromium-maint] Bug#856169: Chromium installs a setuid binary without obvious need nor warning

Michael Gilbert mgilbert at debian.org
Sat Feb 25 21:23:31 UTC 2017

control: severity -1 wishlist
control: retitle -1 chromium: switch to namespace sandbox

The sandbox is a necessary security feature.  A bug years ago doesn't
necessarily mean that it is faulty today.  There are lots of new
security bugs in chrome every few weeks, and rarely do they have to do
with the sandbox.

That said, there is a more modern sandboxing approach that uses
namespaces [0], but it is too late to change to it for stretch.

Best wishes,


More information about the Pkg-chromium-maint mailing list