Re: Sandboxing

Board: FB_security, author: (not recorded), posted 19 years ago (2006/11/09 23:43), votes 0 (0 up / 0 down / 0 neutral)
0 comments, 0 participants, post 11 of 13 in this thread
"mal content" <artifact.one@googlemail.com> writes:

> So, uh, is that it?
>
> Nobody sandboxes on FreeBSD?

Right. The Handbook and FAQ discussions of sandboxes are strictly there as practical jokes.

Seriously, though, while Erik Trulsson was correct in pointing out the difference between an X client and an X server (only the latter has direct access to memory), X clients do have fairly privileged access to the server, and I don't have a lot of confidence in the safety of a sandboxed application running in a normal X session.

It's certainly possible, though; jail(8) and chroot(8) are the obvious places to start. As I think I mentioned earlier, I use qemu VMs to do something similar, although in my case the main point is to start the application from an *identical* configuration every time.

The trouble with running a complex application (like a web browser) in a chroot or jail is that it has a long chain of other files it needs to access at runtime. Putting all of those inside its captive directory tree will be quite a bit of work.

Server daemons are a different story; many of them are designed to work well in a limited environment, and doing so is quite easy. In fact, named(8) seems to do that by default on FreeBSD these days.

Be well.

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
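The "long chain of other files" the post refers to is mostly the shared-library dependency tree, and that part can at least be enumerated mechanically. The script below is an added example written for this page, not code from the post or from the FreeBSD project: it parses ldd(1)-style output into the list of files a program needs inside a chroot tree and copies them into place preserving their paths. The sample ldd output, the program name `/usr/local/bin/somebrowser` and the library paths in it are constructed for illustration; the function names `ldd_paths`, `count_sample_deps` and `populate_chroot` are this example's own. Configuration files, fonts, locale data, device nodes and the X socket are not discovered this way and still have to be handled by hand, which is the remaining "quite a bit of work" the post mentions.

```shell
#!/bin/sh
# Added example (not from the original post): enumerate a program's shared-library
# dependency chain so it can be placed inside a chroot or jail directory tree.
# Assumed ldd output format:  "    libfoo.so.1 => /usr/lib/libfoo.so.1 (0x...)"
# GNU ldd additionally lists the ELF interpreter as a bare path; FreeBSD ldd
# does not, so the parser accepts both forms.

# Read ldd-style output on stdin and print one resolved absolute path per line.
# Lines with "=>" carry the resolved path in field 3; a bare absolute path in
# field 1 is the interpreter. The first line ("/path/to/binary:") is skipped,
# as are unresolved entries such as "linux-vdso.so.1 (0x...)".
ldd_paths() {
    awk '
        $2 == "=>" && $3 ~ /^\// { print $3; next }
        $1 ~ /^\// && $1 !~ /:$/ { print $1 }
    ' | sort -u
}

# Constructed sample of what `ldd /usr/local/bin/somebrowser` might print.
# Paths are illustrative only; libc.so.7 is repeated on purpose to show
# that duplicates collapse.
SAMPLE_LDD='/usr/local/bin/somebrowser:
    libc.so.7 => /lib/libc.so.7 (0x800800000)
    libthr.so.3 => /lib/libthr.so.3 (0x800c00000)
    libgtk-3.so.0 => /usr/local/lib/libgtk-3.so.0 (0x801000000)
    libc.so.7 => /lib/libc.so.7 (0x800800000)
    /libexec/ld-elf.so.1 (0x800400000)'

# Number of distinct files the sample program would need copied into the tree.
count_sample_deps() {
    printf '%s\n' "$SAMPLE_LDD" | ldd_paths | wc -l | tr -d ' '
}

# Copy a real binary ($1) and every library ldd resolves for it into the
# chroot root $2, keeping the original layout (/lib/libc.so.7 becomes
# $2/lib/libc.so.7). Run as a user allowed to read the libraries and write $2.
populate_chroot() {
    bin=$1
    root=$2
    mkdir -p "$root$(dirname "$bin")"
    cp -p "$bin" "$root$bin"
    ldd "$bin" | ldd_paths | while IFS= read -r lib; do
        mkdir -p "$root$(dirname "$lib")"
        cp -p "$lib" "$root$lib"
    done
}
```

Usage on a real system would be `populate_chroot /usr/local/bin/somebrowser /var/jail/browser`, after which `ldd /var/jail/browser/usr/local/bin/somebrowser` should resolve every entry to a path under the jail root before the program is tried inside it. Because `ldd` actually runs the dynamic linker against the binary, only run it on programs you already trust.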
文章代碼(AID): #15KqoG00 (FB_security)