Re: Sandboxing

From: Erik Trulsson <ertr1013@xxxxxxxxxxxxx>
Date: Wed, 8 Nov 2006 15:23:06 +0100

On Wed, Nov 08, 2006 at 09:08:02AM -0500, Lowell Gilbert wrote:

"mal content" <artifact.one@xxxxxxxxxxxxxx> writes:

On 08/11/06, mal content <artifact.one@xxxxxxxxxxxxxx> wrote:

Hi.

This is mostly hypothetical, just because I want to see how knowledgeable
people would go about achieving it:

I want to sandbox Mozilla Firefox. For the sake of example, I'm running it
under my own user account. The idea is that it should be allowed to
connect to the X server, it should be allowed to write to ~/.mozilla and
/tmp.

I expect some configurations would want access to audio devices in
/dev, but for simplicity, that's ignored here.

All other filesystem access is denied.

Ready...

Go!

MC

I forgot to add: Use of TrustedBSD extensions is, of course, allowed.

Putting an X Windows application in a sandbox is kind of silly. After
all, X has to have direct access to memory.

The X *server* needs direct access to memory. X clients (like Firefox or
just about any other application using X) does not need direct access to
memory. They don't even need to run on the same machine as the X server.

A virtual machine
approach, with a whole virtual set of memory, might make more sense.
I use that (via qemu), although not for exactly the same reasons.

--
<Insert your favourite quote here.>
Erik Trulsson
ertr1013@xxxxxxxxxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

Follow-Ups:
- Re: Sandboxing
  - From: mal content

References:
- Sandboxing
  - From: mal content
- Re: Sandboxing
  - From: mal content
- Re: Sandboxing
  - From: Lowell Gilbert

Prev by Date: FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive
Next by Date: Re: FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive
Previous by thread: Re: Sandboxing
Next by thread: Re: Sandboxing
Index(es):
- Date
- Thread

Relevant Pages

Re: Web Proxy Client - Direct Access to internal web servers of remote subnets not working
... I believe that the direct access is correctly configured but that it is not ... Forgot to tell, on the ISA ... server I configured route's to the remote subnets. ... On the client I get ...
(microsoft.public.isa.clients)
Re: direct access to display memory
... DirectX allows direct access to video memory. ... "Masoud Rozati" wrote in message ... >I need a quick and efficient way of accessing display memory. ...
(microsoft.public.win32.programmer.gdi)
Re: OWA Security W2K server
... I have a user who reports, when she tries to log on to OWA from home, she ... get direct access to, a random, other users mail box. ... I found an MS security bulletin, Microsoft Security Bulletin MS04-002, ... The server is SP4 and fully up to date. ...
(microsoft.public.exchange2000.general)
Re: [opensuse] Re: Creating a swap file
... than the full-size "word" of most architectures of the time. ... That's not direct access to a bit, ... would compare directly to a certain bit in a byte in memory. ... Of course, now that memory is nearly infinite for nearly zero cost, ...
(SuSE)
Re: asp changes do not show on clustered IIS 5.0
... I've had this problem as well, luckily you have direct access to the server where I did not. ... then I do a Save As and save the file as the same name refresh the browser and see if that works. ... All of the asp pages are ...
(microsoft.public.inetserver.asp.general)