Date: Thu, 09 Nov 2006 09:47:37 -0500
From: Lowell Gilbert <freebsd-security-local@be-well.ilk.org>
To: "mal content" <artifact.one@googlemail.com>
Cc: freebsd-security@freebsd.org
Subject: Re: Sandboxing
Message-ID: <44slgs3cdy.fsf@be-well.ilk.org>
In-Reply-To: <8e96a0b90611082359jbc85b37kad6109a0aa87598@mail.gmail.com> (mal content's message of "Thu, 9 Nov 2006 07:59:22 +0000")
References: <8e96a0b90611080439n558022edj79febf458494ef6e@mail.gmail.com> <8e96a0b90611080441t2b486637ya10acd5a1dd77690@mail.gmail.com> <44irhq6ngd.fsf@be-well.ilk.org> <20061108142306.GA64711@owl.midgard.homeip.net> <8e96a0b90611082359jbc85b37kad6109a0aa87598@mail.gmail.com>
"mal content" <artifact.one@googlemail.com> writes:

> So, uh, is that it?
>
> Nobody sandboxes on FreeBSD?

Right. The Handbook and FAQ discussions of sandboxes are strictly there as practical jokes.

Seriously, though, while Erik Trulsson was correct in pointing out the difference between an X client and an X server (only the latter has direct access to memory), X clients do have fairly privileged access to the server, and I don't have a lot of confidence in the safety of a sandboxed application running in a normal X session.

It's certainly possible, though; jail(8) and chroot(8) are the obvious places to start. As I think I mentioned earlier, I use qemu VMs to do something similar, although in my case the main point is to start the application from an *identical* configuration every time.

The trouble with running a complex application (like a web browser) in a chroot or jail is that it has a long chain of other files it needs to access at runtime. Putting all of those inside its captive directory tree will be quite a bit of work.

Server daemons are a different story; many of them are designed to work well in a limited environment, and doing so is quite easy. In fact, named(8) seems to do that by default on FreeBSD these days.

Be well.
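The "long chain of other files" Lowell mentions is the part of a chroot(8) or jail(8) setup that is usually automated. The following is an added example, not code from the mail or from FreeBSD: it reads ldd(1) output for a binary, extracts the shared-library paths, and mirrors the binary and its libraries into the target root, preserving their absolute paths so the dynamic linker finds them unchanged inside the chroot. The function names (extract_lib_paths, stage_files, stage_binary) are my own; the ldd line format assumed is the usual "name => /path (0xaddr)" or bare "/path (0xaddr)" form. Configuration files, device nodes and data the program opens at runtime are not visible to ldd and still have to be staged by hand.

```shell
#!/bin/sh
# Added example: stage a dynamically linked binary and its libraries into a
# chroot tree. Not taken from the mailing-list post; function names are mine.

# extract_lib_paths: read ldd(1) output on stdin and print one absolute
# library path per line. Lines without a path ("statically linked",
# "linux-vdso.so.1 (0x...)") produce no output.
extract_lib_paths() {
    awk '{
        for (i = 1; i <= NF; i++)
            if (substr($i, 1, 1) == "/") { print $i; break }
    }'
}

# stage_files ROOT: read absolute paths on stdin and copy each one to
# ROOT/<same path>, creating parent directories as needed.
stage_files() {
    root=$1
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        mkdir -p "$root$(dirname "$f")"
        cp -p "$f" "$root$f"
    done
}

# stage_binary ROOT BIN: copy BIN plus every library ldd reports for it.
# Run as root (or with write access to ROOT) against a real binary, e.g.
#   stage_binary /var/chroot/browser /usr/local/bin/firefox
stage_binary() {
    root=$1; bin=$2
    {
        printf '%s\n' "$bin"
        ldd "$bin" | extract_lib_paths
    } | stage_files "$root"
}
```

Verify the result before trusting it: chroot into the tree and run the binary once; a missing library shows up immediately as a loader error, while a missing config or data file usually surfaces later as a runtime failure, which is the slow, manual part of the work the mail describes.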