browserpass / browserpass-native

Browserpass native client app
ISC License

Question: It supports connection over network? #138

Closed dostoievsky closed 1 year ago

dostoievsky commented 1 year ago

Hello. I am trying to set up browserpass-native on a virtual machine running Arch Linux. I want that service to run under that VM, and then I want to expose it over a network/ssh tunnel to my host. I have done the make setup and started the browserpass daemon. I don't see any port with netstat -tnl, and I have also noticed that browserpass does not have a manual yet. So I don't get how the connection is done, or what would need to be exposed from guest to host so the browser client can achieve a connection. The Dockerfile also doesn't show much of what is happening. Can I get more info about this?

maximbaz commented 1 year ago

Hi there

You'll find some info here: https://developer.chrome.com/docs/extensions/mv3/nativeMessaging/

Long story short, the browser knows to call a binary at a specified location, pass request data to the binary on stdin, and read the response from stdout.
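The stdin/stdout exchange described above, as an added example that is not part of the original thread or the browserpass code: native messaging frames each message as a 32-bit length followed by UTF-8 JSON, which is why no listening port shows up in netstat. The request content, the size cap and the little-endian byte order are assumptions made for this sketch.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/json"
	"fmt"
	"io"
)

// maxMessage is a cap assumed for this example: never allocate a peer-claimed length blindly.
const maxMessage = 1 << 20

// WriteMessage frames v the way native messaging does: a 32-bit length
// (native byte order; little-endian assumed here) followed by UTF-8 JSON.
func WriteMessage(w io.Writer, v interface{}) error {
	body, err := json.Marshal(v)
	if err != nil {
		return err
	}
	if err := binary.Write(w, binary.LittleEndian, uint32(len(body))); err != nil {
		return err
	}
	_, err = w.Write(body)
	return err
}

// ReadMessage reads one frame, as a native host does from its stdin.
func ReadMessage(r io.Reader, v interface{}) error {
	var n uint32
	if err := binary.Read(r, binary.LittleEndian, &n); err != nil {
		return err
	}
	if n > maxMessage {
		return fmt.Errorf("declared length %d exceeds cap", n)
	}
	body := make([]byte, n)
	if _, err := io.ReadFull(r, body); err != nil {
		return err
	}
	return json.Unmarshal(body, v)
}

func main() {
	var pipe bytes.Buffer // stands in for the stdin pipe the browser opens
	req := map[string]string{}
	WriteMessage(&pipe, map[string]string{"action": "ping"}) // constructed request
	fmt.Println(ReadMessage(&pipe, &req), req)
}
```

Because the browser spawns the host process itself and talks to it over these pipes, the host runs with the launching user's environment and privileges on the machine where the browser runs.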

dostoievsky commented 1 year ago

Then I think a solution would be to serve the binary dir of browserpass-native from the guest to the host, where the browser with the extension will be, and point to that dir through native messaging.

I'll try that, and post my results here.

maximbaz commented 1 year ago

I think the executable, when called by the browser, would be "in context" of your host, i.e. it would see host file system and host environment, so I think in addition to that you'd need to make sure that your password store is available on the host and gpg on the host has access to your private key to be able to decrypt your password store entries. (you can set PASSWORD_STORE_DIR and PATH env vars on the host, if you will expose those too from the VM)

https://github.com/browserpass/browserpass-native/blob/58327b474cbb97ffaf340afe5466a6b43217e873/request/configure.go#L146

https://github.com/browserpass/browserpass-native/blob/58327b474cbb97ffaf340afe5466a6b43217e873/helpers/helpers.go#L15

For my curiosity, could you tell me why you are trying to get this particular setup, what is the main threat vector that you are protecting against?

dostoievsky commented 1 year ago

Hello Maximbaz. I was not trying to protect myself against a threat. I only like to keep my host with as few packages as possible, so I like to put everything in virtual machines.

In the end, after I exposed the binary, what happened was: I did the build on Arch Linux, and my host is FreeBSD. When I tried to run it, it happened like you said. The binary is executed by the host because the browser calls and starts it, so it won't load because of missing .so files (a thing that could be resolved with Linux kernel modules).

So in the end, I did the setup through BSD Jails, whose files are exposed on the host, and everything worked like a charm.

In the end, it is just a matter of organization. If I do not like the application, I can just delete the test machine/jail in which I made the setup, without having to keep track of the dependencies of that particular application.

Thank you very much for the quick response and discussion; I am satisfied with this software. I'll be sticking around for some time. :)