1
WARNING: The sandbox is currently in alpha state and should only be used for testing. The resulting executable must be a SUID binary since many of the used API calls need root rights, therefore any error in the source code may result in privilege escalation. Use it only if you are sure what you are doing!
3
The Pipelight sandbox allows you to run untrusted code inside a sandboxed environment. Simply write pipelight-sandbox before your normal command line to execute the program inside the sandbox. The program will have readonly access to the file system and will not be able to communicate with processes outside of the sandbox. The only exceptions are the X Server pipe which is available and you can manually specify a directory which will be writeable by setting the environment variable SANDBOXWRITEDIR (filesystem restrictions are still enforced). All processes with the same SANDBOXWRITEDIR and same user will be started in the same sandbox. If the started process terminates the rest of the environment will get a grace period of 30 seconds, then the sandbox will destroy itself. If you join new processes from the outside of the sandbox the timer will be disabled again.
5
Moreover the sandbox uses the following techniques to protect your system (requires Kernel >= 3.5):
6
- separate pid namespace
7
- separate mount namespace
8
- separate ipc namespace
9
- separate network namespace (no network allowed at all!)
10
- chroot with minimal privileges (nosuid, readonly, ...)
11
- deny gaining root rihgts again (only if PR_SET_NO_NEW_PRIVS is available, but nosuid should protect you anyway)
13
Simply use "make install" to compile & install pipelight-sandbox.
b'\\ No newline at end of file'
added
removed
README
