Epiphany/WebKit sandbox

Hopefully this is an OK place to ask this, I haven’t been able to find a proper answer searching around.
As a fairly security conscious Linux user I’ve been looking into the sandboxing approach different Linux browsers take, in particular for sandboxing between tabs and within the browser engine, and haven’t been able to find much about Epiphany beyond the fact that it uses some sort of sandboxing. By way of comparison, both Chromium/Blink based browsers and Firefox based browsers use userns and seccompBPF, with Chromium+derivatives using various replacements for userns in flatpaks and Firefox just relying on seccompBPF when running in a sandbox. How does this compare to Epiphany? Does it use userns and/or seccompBPF when running natively? Does it use flatpak-spawn to emulate userns in the flatpak or just rely only on seccomp?

Ah, typical, the moment I post this I try a different search and find it: Isolated processes for privacy and security in gnome web

For reference, in case this comes up instead of the above post (which doesn’t directly mention “sandbox”): it does look like Epiphany uses flatpak-spawn in the same way as patched Chromium browsers inside a flatpak, so in theory (assuming all else equal) it could provide a stronger sandbox than Firefox, although I won’t mark this as the solution just yet because it would be good to see if seccompBPF is also used, if anyone is able to confirm whether that’s the case?

When not running under Flatpak, it uses libseccomp (reference). I don’t know whether libseccomp uses seccompBPF.

Under flatpak, it’s just flatpak-spawn to get a new flatpak sandbox.

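One way to answer the seccomp question empirically rather than from source, as an added check that is not part of any post above and not Epiphany's or WebKit's own code: read /proc/<pid>/status for the running engine processes. The kernel reports the seccomp mode there (0 = disabled, 1 = strict, 2 = filter, and filter mode is exactly the seccomp-BPF mode that libseccomp programs load), plus NoNewPrivs, and /proc/<pid>/ns/user shows whether a process sits in its own user namespace. The process-name pattern, the sample status text and the field handling are assumptions made for this script; the sample text is constructed, not captured from a real run.

```python
import os
import re

# Constructed samples of the fields this script reads from /proc/<pid>/status
# (not captured from a real Epiphany process).
# Seccomp: 0 = disabled, 1 = strict, 2 = filter (a seccomp-BPF program is loaded).
SAMPLE_STATUS_FILTER = """Name:\tWebKitWebProcess
Pid:\t4242
NoNewPrivs:\t1
Seccomp:\t2
Seccomp_filters:\t1
"""

SAMPLE_STATUS_NONE = """Name:\tepiphany
Pid:\t4200
NoNewPrivs:\t0
Seccomp:\t0
"""

SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter (seccomp-BPF)"}


def parse_status(text):
    """Parse the 'Key:\\tvalue' lines of a /proc/<pid>/status file into a dict."""
    fields = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, _, value = line.partition(":")
        fields[key.strip()] = value.strip()
    return fields


def seccomp_summary(fields):
    """Reduce the parsed status fields to the sandbox-relevant facts."""
    mode = int(fields.get("Seccomp", "0"))
    return {
        "name": fields.get("Name", "?"),
        "seccomp_mode": mode,
        "seccomp": SECCOMP_MODES.get(mode, f"unknown({mode})"),
        # Seccomp_filters (number of attached BPF programs) exists on kernels >= 5.9 only.
        "filters": int(fields.get("Seccomp_filters", "0")),
        "no_new_privs": fields.get("NoNewPrivs") == "1",
    }


def in_own_userns(pid):
    """True if the process's user namespace differs from the caller's; None if unreadable."""
    try:
        return os.stat(f"/proc/{pid}/ns/user").st_ino != os.stat("/proc/self/ns/user").st_ino
    except PermissionError:
        return None


def inspect_pid(pid):
    with open(f"/proc/{pid}/status") as f:
        summary = seccomp_summary(parse_status(f.read()))
    summary["own_userns"] = in_own_userns(pid)
    return summary


def find_pids(name_re):
    """Return pids whose /proc/<pid>/comm (truncated to 15 chars by the kernel) matches."""
    pat = re.compile(name_re)
    pids = []
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            with open(f"/proc/{entry}/comm") as f:
                comm = f.read().strip()
        except OSError:
            continue  # process exited or is not readable
        if pat.search(comm):
            pids.append(int(entry))
    return pids


if __name__ == "__main__":
    # Assumed name pattern: WebKit helper processes and the epiphany UI process.
    for pid in find_pids(r"WebKit|epiphany"):
        print(pid, inspect_pid(pid))
```

Run it on the host, not from inside the flatpak: processes started through flatpak-spawn land in their own sandbox with a separate pid namespace, so they are not visible from the parent app's /proc. A web process showing Seccomp 2 confirms a BPF filter is attached; comparing own_userns for the UI process and the web processes shows whether the engine processes are additionally placed in a user namespace of their own.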