Burp Suite User Forum

Login to post

Use embedded browser sandbox as root-user

Robin | Last updated: Sep 14, 2020 07:11AM UTC

Hello, is there a possibility to use the embedded browser sandbox as a super-user? I am using Burp Suite Professional v2020.8.1 on Kali Linux. "Running as super-user, embedded browser sandbox is not supported" Embedded Browser Health Check: "Unable to created headless browser with sandbox" Thank you in advance.

Ben, PortSwigger Agent | Last updated: Sep 14, 2020 01:00PM UTC

Hi Robin, The Burp embedded browser is based off of Chromium, which does not allow the root user to launch the browser with the sandbox enabled. In Chromium this is carried out for security reasons. If you have to use the root user to run Burp, then you would need to enable the "Allow the embedded browser to run without a sandbox" option in Project options -> Misc -> Embedded Browser in order to use the embedded browser.

Robin | Last updated: Sep 17, 2020 06:43AM UTC

Hi Ben, thank you for your response. I've enabled this option but I still get the following error: "Can not start embedded browser sandbox because you are running as root. Either switch to running as an unprivileged user or allow running without sandbox."

Ben, PortSwigger Agent | Last updated: Sep 17, 2020 07:21AM UTC

Hi Robin, You may need to enable this option and restart Burp - have you tried this?

Robin | Last updated: Sep 17, 2020 07:32AM UTC

Yes, I've also tried this but I should to have enable this option by every start.

Ben, PortSwigger Agent | Last updated: Sep 18, 2020 07:26AM UTC

Hi, To confirm, you have the "Allow the embedded browser to run without a sandbox" checkbox ticked in Burp and you are still seeing that error message when you try to launch the embedded browser via the Proxy -> Intercept tab? If so, firstly, can you try to upgrade Burp so that you are on the latest version (2020.9.1) to see if that makes a difference. Secondly, what version of Kali Linux are you running and how did you install Burp Professional?

You need to Log in to post a reply. Or register here, for free.