Corona is a thing and for some Web tools I need a VPN into my company. Being privacy and performance conscious I would like a lightweight way to sandbox a browser and the VPN to only send that traffic though the company network, leaving the rest of my system alone.
I know about modifying the routing my VPN uses and am familiar with full blown VMs like Virtualbox but was wondering if there is something slimmer?
Wouldn’t it greatly depend on the VPN setup that your company uses? If they used Wireguard then you’d be all set to just use the standard Wireguard client and open a browser window that uses the Wireguard interface, e.g. wg0.
Don’t know about Wireguard but with a VM in should work with every VPN solution. It’s just the hassle of booting up / maintaining a VM that I would love not to have.
I think Wireguard’s take on using network namespaces as part of the security paradigm is really elegant. You could use the same approach for whatever VPN solution your company uses. Set up your VPN, then launch firefox in a specific namespace that uses the VPN, while everything else on your PC doesn’t.