by microtonal
2504 days ago
> They can then break out from the browser, but only get to docker with that exploit, and it's unlikely they have a docker exploit too at hand, is it?

If you are running Firefox on X11 (which most Linux users probably still do), you do not need to escape Docker. You can make screenshots, capture keystrokes, and send keystrokes, all through the X11 socket.

(Furthermore, you do not need a Docker exploit; a Linux kernel exploit can be enough to break out of a container. This is one of the reasons for e.g. gVisor to implement syscalls in userland and in a safer language.)

Using VMs as e.g. Qubes OS does is probably a bit safer than a Docker container.
|
Also, this is why Wayland is much more restrictive about these types of operations. People love to complain that "I could do thing with X without special privileges" but the world has moved on since X was designed and it absolutely has not kept up.
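
A defender's check for the X11 point raised in this thread, as an added example that is not written by any commenter: it reads `docker inspect` JSON and flags containers that can reach the host X server. The container names and sample data are constructed, and the function names are hypothetical.

```python
import json

X11_DIR = "/tmp/.X11-unix"  # directory holding the X server's Unix sockets (X0, X1, ...)

def x11_exposure(container):
    """Reasons one `docker inspect` entry can talk to the host X server."""
    reasons = []
    for m in container.get("Mounts") or []:
        src = (m.get("Source") or "").rstrip("/")
        in_x11_dir = src == X11_DIR or src.startswith(X11_DIR + "/")
        # A read-only bind mount still permits connect() on a socket, so RW is ignored.
        if m.get("Type") == "bind" and (src == "/tmp" or in_x11_dir):
            reasons.append(f"X11 socket reachable via bind mount of {src}")
        if src.endswith("/.Xauthority"):
            reasons.append(f"X authority cookie mounted from {src}")
    # By default Xorg also listens on an abstract socket, which the container
    # shares when it runs in the host network namespace.
    if (container.get("HostConfig") or {}).get("NetworkMode") == "host":
        reasons.append("host network namespace shares the abstract X11 socket")
    return reasons

def audit(inspect_json):
    """Map container name -> exposure reasons, for exposed containers only."""
    report = {}
    for c in json.loads(inspect_json):
        reasons = x11_exposure(c)
        if reasons:
            report[c.get("Name", "?").lstrip("/")] = reasons
    return report

# Constructed sample in the shape of `docker inspect` output (not from the thread).
SAMPLE = json.dumps([
    {"Name": "/firefox", "HostConfig": {"NetworkMode": "bridge"}, "Mounts": [
        {"Type": "bind", "Source": "/tmp/.X11-unix",
         "Destination": "/tmp/.X11-unix", "RW": False},
        {"Type": "bind", "Source": "/home/user/.Xauthority",
         "Destination": "/root/.Xauthority", "RW": False}]},
    {"Name": "/builder", "HostConfig": {"NetworkMode": "host"}, "Mounts": []},
    {"Name": "/api", "HostConfig": {"NetworkMode": "bridge"}, "Mounts": [
        {"Type": "volume", "Source": "/var/lib/docker/volumes/data/_data",
         "Destination": "/data", "RW": True}]},
])

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        for reason in reasons:
            print(f"{name}: {reason}")
```

On a real host, feed it the output of `docker inspect $(docker ps -q)` instead of the sample.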