Running a web browser as root

Most security advisories for the Firefox web browser include patches that correct remote code execution vulnerabilities. These vulnerabilities are exploited by remote code hosted on other websites or by code injected through a man-in-the-middle (MITM) attack.

The Attack

When an attack happens, code from the remote web server, or the injected code, is executed on the local computer. Depending on the level of access of the user running the web browser, the executed code potentially has access to whatever data the user has access to. This access could potentially extend beyond the system where the code was executed.

Run as a user and the browser has access to all of that user's files. Run as root and the browser has access to the entire system. Given the likelihood of any given browser being affected by remote code execution flaws, the number of these types of flaws, and the wide attack surface (nearly every web site should be considered untrustworthy in this context), it is advised to never run a web browser as the root user.
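One way to audit a host for this condition, as an added example that is not part of the original article: the script below flags browser processes whose effective UID is 0. The browser name list, the function names and the sample process table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find web browser processes running with effective UID 0.
# Assumption: this name list is illustrative; extend it for your environment.
BROWSERS="firefox firefox-bin firefox-esr chromium chrome"

# Reads "PID EUID COMM" lines on stdin (the layout produced by
# `ps -eo pid=,euid=,comm=`) and prints "PID COMM" for every listed
# browser whose effective UID is 0. Child processes inherit the UID of
# the main browser process, so matching the main process is sufficient.
find_root_browsers() {
    awk -v list="$BROWSERS" '
        BEGIN { n = split(list, names, " ")
                for (i = 1; i <= n; i++) want[names[i]] = 1 }
        $2 == 0 && ($3 in want) { print $1, $3 }
    '
}

# Runs the check against the live process table.
audit_live() {
    ps -eo pid=,euid=,comm= | find_root_browsers
}

# Constructed sample process table (not real output): one browser as an
# ordinary user, one as root, a root-owned child, and unrelated processes.
SAMPLE_PS='  812 1000 firefox
 1544    0 firefox
 1560    0 Web Content
 2001    0 sshd
 2310 1000 chromium'

# With --live, report findings and exit non-zero so a cron job or
# monitoring check can alert on them.
if [ "${1:-}" = "--live" ]; then
    hits=$(audit_live)
    if [ -n "$hits" ]; then
        echo "browser running as root:"
        echo "$hits"
        exit 1
    fi
    echo "no browser processes running as root"
fi
```

Piping the constructed sample through `find_root_browsers` reports only PID 1544; the root-owned `sshd` and the user-owned browsers are ignored.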

Mitigations

SELinux can provide some mitigation by preventing access to certain files or services. Because code executed by the browser runs with the browser's own confinement, access to files the browser does not normally use would be blocked. A better option is to run the web browser in an SELinux Sandbox. Unfortunately, these solutions aren't great for usability, although there is hope that the technology will improve.