Browsers have their own sandboxing mechanisms and security features. Are they influenced by how secure the linux kernel is (eg. Fedora kernel vs Debian kernel). Let’s say someone wants to hack me through the browser, does the Linux kernel matter in that situation?
Yes.
To elaborate: that sandbox entirely relies on the kernel to limit the syscalls and the kernel to not be vulnerable on the remaining syscalls.
This is the same reason things like containers are not a security boundary and it is recommended to use eg. gvisor or a full VM.
Does that mean that Brave browser for example is more secure on Fedora than on Debian because Fedora has more secure kernel? I am sorry but i am not an IT person and i strugle to learn how i can be hacked. I was told that if my browser was compromised then a hacker can do anything (read files, other app data etc.) so i cannot understand how kernel security protects me. Do you mean kernel security is important pre-browser compromise or post-compromise?
There are two main ways to compromise a system from within a browser.
The first way is through kernel exploits. Programs switch from user mode and to kernel mode and back many times during execution through syscalls. Some syscalls are blocked through the browser sandbox’s seccomp filter, while others are available from within the renderer process to provide some functionality. If an attacker can exploit a kernel vulnerability from inside the sandbox, he can escalate to kernel, which is a full OS compromise.
The second is through exploiting vulnerabilities via IPC between the renderer sandbox and the browser’s unsandboxed main process. This will give an attacker the same access as the security context of the main Browser process hast access to, which is normally the same as the unix user starting the browser.