Gentoo Archives: gentoo-dev

From: Geert Bevin <gbevin@×××××××.be>
To: gentoo-dev@g.o
Subject: [gentoo-dev] new path sandbox version
Date: Sun, 02 Dec 2001 18:43:59
1 Hello everyone,
3 I've continued the work on the path sandbox. Since access holes might
4 happen when an application resets the LD_PRELOAD variable, I've added an
5 additional feature which can only work when the sandbox is being ran as
6 the root user. When the sandbox is first started up by the root user, it
7 adds the path to its glibc replacement library to the
8 '/etc/' file. Multiple root executed sandbox instances are
9 tracked and when the last ones exits, the entry from the
10 '/etc/' file is removed. All this happens as securely as
11 possible with the implementation of file locks and such.
13 Due to the addition of this library to the '/etc/' file,
14 all system apps become affected by the sandbox. To prevent this from
15 having an effect, the sandbox checks for the SANDBOX_ON environmental
16 variable and only becomes functional if its present.
18 To be able to implement this I've removed the prior shell wrapper and
19 implemented everything in c. To test this out, just cd in the archive
20 dir, run 'make' and './sandbox'.
22 Note that the sandbox only works with dynamically linked executables and
23 since bash in gentoo is currently statically linked, it's calls aren't
24 traced at all. Tomorrow I'm performing some tests to examine how a
25 dynamically linked bash could potentially interfere with library
26 upgrades in gentoo (as requested by Daniel).
28 Please test this out and provide feedback,
30 Geert Bevin
32 --
33 Geert Bevin
34 the Leaf sprl/bvba
35 "Use what you need" Pierre Theunisstraat 1/47
36 1030 Brussels
37 gbevin@×××××××.be Tel & Fax +32 2 241 19 98


File name MIME type
sandbox-20011203.tar.bz2 application/x-bzip