Security Against Malicious Apps


Urbit is not secure today, but we do know how to secure it.

The most important effort is userspace permissions, which provides a security model for the barrier between different applications running in userspace, as well as the interface between userspace applications and the kernel.

Sandboxing browser clients will complete permissions enforcement for Urbit applications.


Next Up

Frontend Sandboxing


3-6 Months

Sandboxing browser clients will prevent malicious apps from using their clients to circumvent userspace permissions policies.

Next Up

Userspace Permissioning

end date


Kernel and applications are both unprotected against malicious applications until userspace permissioning is added.