Integrate the MacOS sandbox into an executable Firefox application

Mar 02, '11 07:30:01AM

Contributed by: Lutzifer

Following up on the ideas of this previous hint, there is also a possibility to make an application which starts with the sandbox already activated, so there is no need to run a shell script every time you need the sandbox.

This is how to do that:

From now on (until the next Firefox Update) you can use FirefoxSandbox.app as a more secure browser.

Here is a script that automates necessary modifications (which you can download from here).
#!/bin/sh
# make a copy of firefox
cp -R /Applications/Firefox.app/ /Applications/FirefoxSandbox.app/

# Copy the sandbox definition into the Application 
cp sandbox /Applications/FirefoxSandbox.app/Contents/MacOS/sandbox

# Copy the sandbox-script into the Application
cp firefoxSandbox /Applications/FirefoxSandbox.app/Contents/MacOS/firefoxSandbox

# Make the sandbox script executable
chmod u+x /Applications/FirefoxSandbox.app/Contents/MacOS/firefoxSandbox

# Modify the info.plist file
mv /Applications/FirefoxSandbox.app/Contents/info.plist /Applications/FirefoxSandbox.app/Contents/info.plist.old 
cat /Applications/FirefoxSandbox.app/Contents/info.plist.old | sed s/firefox-bin/firefoxSandbox/ > /Applications/FirefoxSandbox.app/Contents/info.plist

[crarko adds: I haven't tested this one. I've mirrored the script download here.]

Comments (4)


Mac OS X Hints
http://hints.macworld.com/article.php?story=2011022702082736