This is a discussion on configuring a secure web browsing environment within the Linux Security forums, part of the System Security and Security Related category.
Hi all,

on my home machine (Linux FC1), I have been using a separate user account to "surf the Web" for quite some time. I save files I plan to keep in a directory named /home/public where everybody has access. Then, usually from my main (non-root) account, I organize/backup/delete stuff from that /home/public/ directory. So there are never too many important things in it.

Moreover, I have a special "archive" directory, where I archive all webpages I like, and I use a special account to read those archived webpages (this account is denied access to the net, using iptables --uid-owner rules). So I can be sure that when I access these, they won't suddenly change their content or try to "phone home" or deliver some ads or whatever. (I usually ask for the "print version" of the webpage, and archive this version, when available, btw.)

My "websurfing account" (called, dumbly, "temp"!) has mainly Firefox + Java + Javascript + Flash 7. All these programs are installed in "user space", which makes me less nervous about the potential harm they could do.

I've set up several chrooted Tomcat + CVS servers; is it similarly "easy" to do with Firefox + Java + Javascript + Flash 7?

What else would you do to harden the security of a Linux system used to surf the Web /using Java + Javascript + Flash 7 (installed in userspace though)/? I'm on Fedora Core 1, but hints about SELinux solutions are welcome too.

What do you do to have a "safer" Web surfing experience on Linux?

Any hints, information, examples, etc. appreciated.

Thanks,
Jean

P.S.: at least with my setup I'm not too worried about the recent Javascript/Java 1.4.2_05 and previous security hole that allows access to every file of the user...
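The per-account network block the post mentions (iptables --uid-owner), as an added example that is not part of the original post: it prints the rules for review instead of applying them, and it covers IPv6 as well, which an iptables-only rule set leaves open. The chain name, log prefix and function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the poster's own rules. Prints (does not apply) the
# commands that cut one local account off from the network.

CHAIN=NO_NET_ARCHIVE   # hypothetical chain name chosen for this example

# resolve_uid NAME_OR_UID -> numeric UID on stdout, non-zero status if unknown
resolve_uid() {
    case "$1" in
        ''|-*)    return 1 ;;                  # empty or option-like input
        *[!0-9]*) id -u "$1" 2>/dev/null ;;    # account name: must exist
        *)        printf '%s\n' "$1" ;;        # already a numeric UID
    esac
}

# no_net_rules NAME_OR_UID -> rule commands on stdout, one per line
no_net_rules() {
    uid=$(resolve_uid "$1") || { echo "unknown account: $1" >&2; return 1; }
    # Emit the same rules for IPv4 and IPv6; without the ip6tables copy the
    # account can still reach the network over IPv6.
    for ipt in iptables ip6tables; do
        echo "$ipt -N $CHAIN"
        # Rate-limited log line so blocked attempts show up in the kernel log.
        echo "$ipt -A $CHAIN -m limit --limit 6/min -j LOG --log-prefix 'no-net uid=$uid: '"
        echo "$ipt -A $CHAIN -j REJECT"
        # The owner match only sees locally generated packets, so the jump
        # goes in OUTPUT. Inserting at position 1 puts it ahead of any
        # ACCEPT rule and also blocks loopback, so the account cannot use a
        # local proxy as a relay.
        echo "$ipt -I OUTPUT 1 -m owner --uid-owner $uid -j $CHAIN"
    done
}

# Review the output first, then apply it as root, for example:
#   no_net_rules archive | sh      # "archive" is a hypothetical account name
```

The rules filter packets by the UID of the sending process, so they do not affect file access or Unix-domain sockets such as the X server connection.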