A hardened chromium for desktop Linux inspired by Vanadium, using Fedora's Chromium as a base. Intended for use with hardened_malloc as packaged and provided by secureblue.
- Desktop-relevant patches from Vanadium (located in vanadium_patches)
- Changes that increase hardening against known and unknown vulnerabilities
- Changes that make secondary browser features opt-in instead of opt-out (for example, making the password manager and search suggestions opt-in)
- Changes that disable opt-in metrics and data collection, so long as they have no security implications
- Any changes that sacrifice security for "privacy" (for example, enabling MV2) why?
- Any novel functionality that is unrelated to security
Official support is only provided via secureblue. Unsupported installation is also possible via COPR.
The following flags are available that provide additional hardening but may cause breakage:
chrome://flags/#enable-network-service-sandboxchrome://flags/#show-punycode-domainschrome://flags/#disable-cross-origin-referrers
The following flags are also provided for convenience if you need them:
chrome://flags/#incognito-launchchrome://flags/#extensions-support
Follow the contributing documentation, and make sure to respect the CoC.
