-
Notifications
You must be signed in to change notification settings - Fork 974
Add alert for --no-sandbox [feature-request] #11175
Comments
@luixxiul, I am requesting this alert for all OSes, not just Linux. |
@luixxiul, I also think this warrants the label "security". |
cc: @diracdeltas @darkdh for triage |
Please don't add this alert! Using Brave without sandbox is the only way for me to run it on my work machine. My machine at work runs Scientific Linux 7.4 and I don't have root access, so I can't deploy fixes like this: #6902 (comment) Having some alert nagging me about some issue beyond my control each time I start Brave would get very annoying very quickly. |
@hugobuddel, never showing the security alert isn't the answer. It is necessary to show the user they are running the program with degraded security. You should ask for the option to |
Fixed? |
Same issue on Arch Linux. |
Still occurring on Manjaro (Arch Linux) edit: Version 0.56.15 Chromium: 70.0.3538.110 (Official Build) unknown (64-bit) |
This repo is for the older Muon-based Brave. For the newer Chromium-based Brave, please file an issue in |
Refference Issue
#11134
Description
I was given no alert that brave was running with --no-sandbox. I was just curious and stumbled across the running command looking at
top
.Steps to Reproduce
$ brave --no-sandbox
Expected result:
I expected an alert that --no-sandbox is being used.
Google Chrome gives this alert when --no-sandbox is being used:
"You are using an unsupported command-line flag: --no-sandbox. Stability and security will suffer."
Maybe brave's alert could have a link to a webpage for more information.
Brave Version
Brave: 0.18.36
rev: 7ab85e9
Muon: 4.3.22
libchromiumcontent: 61.0.3163.79
V8: 6.1.534.32
Node.js: 7.9.0
Update Channel: dev
OS Platform: Linux
OS Release: 4.13.3-1-hardened
OS Architecture: x64
The text was updated successfully, but these errors were encountered: