[clug] Process sandboxing

Ben Nizette bn at niasdigital.com
Wed Jul 13 22:19:06 MDT 2011

On 14/07/2011, at 1:43 PM, jm wrote:

> Anyone have any thoughts on sand boxing a process on linux? I was originally thinking of using chroot, but this still leaves network access and a few other holes open. The objective is to allow untrusted third parties to upload scripts to a server for it to run with the only way to communicate out being via functions I provide. It seems all the most common scripting languages make it nearly impossible to easily remove/limit functionality from the language. So the overhead of going that way would be a killer most likely involving modifying the interpreter for each language used. The alternative would be to get the OS to limit what the scripts can do.  Alright over to you guys.

This is more or less what the seccomp kernel extension is supposed to do (I've not used it myself).  The risk is that this mechanism is too restrictive and not sufficiently configurable - that's certainly what the Chrome people were saying when they looking in to seccomp for their sandbox.  Might work for your app though.


> Jeff.
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux

More information about the linux mailing list