The process for using Tor Browser is very similar, it just has different Tor Browserĭocker is a good way to use Tor Browser if a full-virtualisation solution I discuss how to persist addons and bookmarks later.
Volumes and mounts are not recommended, as they would createĪn avenue for malware (such as malicious addons) to persist. Volumes or mounts should be used instead. There should be little reason to do this, as if browser history/data is desired, –rm can be omitted if the container should retain data after exiting, however If SSH tunneling for a secure connection to the server is desired, still bind to localhost. usepw can be omitted if the password generation line was. The 127.0.0.1: can be omitted to bind to 0.0.0.0 or changed to bind to a private network. The headache of that, but I regard it as unnecessary for this purpose. Docker-compose is used partly for removing ĭocker container behavior and security can depend heavily on what runĪrguments are specified for a container. RUN bash -c 'echo "firefox" > /home/user/.bashrc' Build and Runīuild the image with $ docker build -t firefox. # Set so that when xterm launches on login, it will launch Firefox RUN bash -c 'PASSWD=$(head -c 20 /dev/urandom | base64) echo "VNC Password: $PASSWD" x11vnc -storepasswd $PASSWD /home/user/.vnc/passwd' # If the container will be used locally and there are no other users or services that could access it, this line can be omitted Do not publish the image anywhere or reuse it, be sure to rebuild each time
# We generate the password for VNC during image build time, which would normally be poor practice, however this makes it easier to keep RUN adduser user # It would be poor practice to run a browser as root, even in a container Openbox # Openbox is optional, one could use i3 or forego entirely RUN apt-get install -y x11vnc xvfb firefox \ FROM ubuntu:latest # we could probably use a lighter os, but firefox dependencies make it not matter much Annotated Dockerfileīuild the following Dockerfile using $ docker build -t firefox. This article uses the VNC option, due to the security and pure VNC is not a secure protocol, see VNC section.Most secure option (when a good password is set).Doesn’t work well with Windows or Mac as host.
0 kommentar(er)
