Is Firefox a Good Thing?

Gregory Maxwell gmaxwell at gmail.com
Fri Oct 13 19:45:48 UTC 2006


On 10/13/06, Andy Green <andy at warmcat.com> wrote:
[snip]
> Shouldn't this cause a terrified reassessment of having Firefox in the
> distro at all, given its unique position running as the user (under
> whose credentials, typically, the entire value of the box resides),
> making connections to random addresses and running poorly understood
> local code according to what it finds there?

Before I reinvent the wheel, can someone tell me if something like
this is being done:

For most user applications it would be possible to SELinux sandbox
them very tightly (nothing more than file access to a few specific
files/directories, no sockets to the local box except for printing,
etc) were it not for one issue: File save / File load.

As a result it would really make sense to convert the file save/load
into a separate process which can read/write anywhere the user has
access and then communicate with the hosting app via stdin/out or other
lightweight IPC. The file box app could be carefully audited so that
we could be confident that it would only read and write things with
the user's consent.

Most user apps could be tightly confined with only this one little
tool: gimp, gaim, xchat, etc.

Is anyone already working on something like that?
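The "file box" split described above, as an added example (not code from the post or from Fedora): the confined app asks a forked helper to open whatever the user picks and gets back only the open descriptor over a socketpair with SCM_RIGHTS, so the helper is the one process that needs broad file access. The names user_dialog, g_user_choice, filebox_open and filebox_demo are assumed here, and the dialog is simulated by a temp file under /tmp.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
/* Stand-in for the audited file dialog (demo assumption): the path the user picked, or NULL if cancelled. */
static char g_user_choice[32];                              /* filled in by filebox_demo */
static const char *user_dialog(void) { return g_user_choice[0] ? g_user_choice : NULL; }
/* Descriptor passing over the socketpair (SCM_RIGHTS): the helper sends, the app receives. */
static int send_fd(int sock, int fd) {
    char cbuf[CMSG_SPACE(sizeof fd)] = {0}, byte = 'f';
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS; c->cmsg_len = CMSG_LEN(sizeof fd);
    memcpy(CMSG_DATA(c), &fd, sizeof fd); return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}
static int recv_fd(int sock) {                 /* -1 when the helper replied without a descriptor */
    char cbuf[CMSG_SPACE(sizeof(int))], byte;
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    int fd; memcpy(&fd, CMSG_DATA(c), sizeof fd); return fd;
}
/* Called by the confined app: "open whatever the user picks". Only the forked helper ever calls open(). */
int filebox_open(int flags) {
    int sv[2], fd = -1; pid_t pid;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    if ((pid = fork()) == 0) {                         /* helper ("file box") process */
        close(sv[0]); const char *path = user_dialog();
        int hfd = path ? open(path, flags) : -1;
        if (hfd >= 0) send_fd(sv[1], hfd); else (void)write(sv[1], "n", 1);
        _exit(0);
    }
    close(sv[1]); if (pid > 0) { fd = recv_fd(sv[0]); waitpid(pid, NULL, 0); }
    close(sv[0]); return fd;
}
/* Demo for the test: a temp file stands in for the user's choice; a "cancelled" dialog must yield -1. */
int filebox_demo(void) {
    char buf[8] = {0}; int tfd, fd, ok; strcpy(g_user_choice, "/tmp/fileboxXXXXXX");
    if ((tfd = mkstemp(g_user_choice)) < 0 || write(tfd, "hello", 5) != 5) return -1;
    close(tfd); fd = filebox_open(O_RDONLY);
    ok = fd >= 0 && read(fd, buf, 5) == 5 && !memcmp(buf, "hello", 5);
    if (fd >= 0) close(fd); unlink(g_user_choice); g_user_choice[0] = 0;
    return ok && filebox_open(O_RDONLY) == -1;
}
```

Under SELinux the helper would run in its own domain with the file permissions, while the app's domain keeps nothing beyond the socketpair; the app still has to treat whatever it reads from the descriptor as untrusted input.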




More information about the fedora-devel-list mailing list