views:

118

answers:

5

Is it possible to completely disable a program's access to files? I don't want it to have any kind of access to files on the system. Is it possible to compile it so that it doesn't have access to file streams, or to run it in some way so that it can't access files?

+5  A: 

The closest you'd be able to come to that is to run your program in a chroot jail.

Blrfl
How could I chroot the program so that it is still executable? I tried a few ways, but it would throw up errors because some libraries could not be found.
@user460907: If you have access to the source, you should be able to do it from there without much trouble. Run the program from outside the jail, then have the program cd to the jail and chroot itself. Alternatively, you can start the program in the jail, but the required libraries for the program must be present in the jail. Google it; tutorials for this exist.
Thanatos
Or use SELinux...
David Gelhar
@Blrfl and @Thanatos ty very very much that is exactly what I needed
Rakis
+1  A: 

In an unmanaged environment, code cannot tell itself not to do something it shouldn't. CAS is part of managed environments only, where the runtime provides an extra level of access control. It's up to the OS to prevent applications from doing things that the user they are running on behalf of cannot do. You should be able to run the application as if you were a different, more limited user; then, you could limit the user's access rights to the resource and the OS will prevent the code from accessing it.

KeithS
+1  A: 

In Linux, you can change the owner of the process to `nobody`. This is no big security increase, as `nobody` can still access files etc., but it's better than running as a local user or root:

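      #include <pwd.h>
      #include <stdio.h>
      #include <unistd.h>

      /* Call while still root; returns 0 on success, -1 on failure. */
      int drop_to_nobody(void) {
         struct passwd *pw = getpwnam("nobody");
         if (!pw) {
            printf("Error: Unable to look up info about user nobody\n");
            return -1;
         }
         /* Group first: once setuid() has dropped root, setgid() would fail. */
         return (setgid(pw->pw_gid) == 0 && setuid(pw->pw_uid) == 0) ? 0 : -1;
      }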
fschmitt
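The two Linux suggestions above (have the program cd into the jail and chroot itself, then stop running as root) combined into one sequence, as an added example that is not code from any of the posters. The names `jail_self` and `try_jail`, the empty temporary jail directory and the uid/gid 65534 for `nobody` are assumptions.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* chroot(), setgroups(), mkdtemp() on glibc */
#endif
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum jail_result { JAILED = 0, CHROOT_DENIED = 1, SETUP_FAILED = 2, LEAKED = 3 };

/* Confine the calling process to `jail`, then give up root for good.
 * Resolve any user name with getpwnam() before calling this: /etc/passwd
 * is no longer reachable once the root directory has changed. */
static int jail_self(const char *jail, uid_t uid, gid_t gid) {
    if (chdir(jail) != 0) return SETUP_FAILED;     /* cwd must be inside the jail */
    if (chroot(".") != 0) return CHROOT_DENIED;    /* needs root (CAP_SYS_CHROOT) */
    /* Order matters: supplementary groups, then gid, then uid last. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return SETUP_FAILED;
    if (setuid(0) == 0) return LEAKED;             /* root must be unrecoverable */
    int fd = open("/etc/passwd", O_RDONLY);        /* probe a file outside the jail */
    if (fd >= 0) { close(fd); return LEAKED; }
    return JAILED;
}

/* Run jail_self() in a child against an empty temporary directory
 * (constructed here) and report what happened. 65534 is assumed to be
 * the uid/gid of "nobody". */
int try_jail(void) {
    char dir[] = "/tmp/jail-XXXXXX";
    if (mkdtemp(dir) == NULL) return SETUP_FAILED;
    pid_t pid = fork();
    if (pid == 0) _exit(jail_self(dir, 65534, 65534));
    int status = 0;
    if (pid > 0) waitpid(pid, &status, 0);
    rmdir(dir);
    return (pid > 0 && WIFEXITED(status)) ? WEXITSTATUS(status) : SETUP_FAILED;
}

int main(void) {
    static const char *msg[] = { "jailed", "chroot denied (not root)", "setup failed", "LEAKED" };
    int r = try_jail();
    printf("%s\n", msg[r]);
    return r == LEAKED;
}
```

Because the jail directory is empty, nothing can be exec'd from inside it; the program has to be started outside and jail itself, which is why the libraries it needs do not have to be copied in.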
A: 

In theory you can direct the linker not to link fopen and so on. You'll probably have to use static linkage.


But, often, when you come to a requirement like this you're approaching the problem from the wrong direction. What is it you are trying to achieve with this hack? Why do you want this?

dmckee
Even if functions like `fopen()` aren't linked, the process can always directly make syscalls without needing any external library code.
caf
A: 

Under Windows, you can start the process under a restricted token.

This requires more than just a basic knowledge of the Windows API, but it's possible.

Alex Emelianov