I am trying to run a program compiled from C code from an unknown source. I want to make sure that the program does not harm my system in any way. For instance, the program might have something like system("rm -rf /") in the source, which is undetectable unless the code is thoroughly examined.

I thought of the following 2 ways:

  1. Run it inside a VM like VMware
  2. Build a Windows exe on Linux and run it on Wine

Neither is a very elegant solution, and I cannot automate them. Also, in the case of 1, it can harm the VM.

Any help would be appreciated.

I want to run the program in what we can call a "sandbox".

A: 

Create a user that has write access only to non-critical directories. Run the program as that user. If you are also interested in privacy, consider also restricting its read rights.

Flavius Stef
A: 

The Wikipedia page for chroot may be a good start. It describes chroot and also provides links to a few, more thorough alternatives.

vanza
A: 

chroot is one possibility if you want to isolate it from everything else but still have an environment for it to run in.

http://en.wikipedia.org/wiki/chroot

https://help.ubuntu.com/community/BasicChroot

birryree
+1  A: 

You can use something like schroot and chroot the program, but anything of sufficient nastiness will bust out of that.

Your best bet is probably a virtual machine (VMware or VirtualBox) and taking a snapshot before compiling and running the program. That way you can roll back if something goes horribly wrong.

Dave
In fact, you should just roll it back after testing anyway, because you might not have noticed what went horribly wrong.
caf
@caf True, if it's untrusted then it's untrusted. Don't muck about and roll back anyway.
Dave
Virtual machines are not exactly a secure environment either, if the program being executed knows it's in one.
Jonathan
+2  A: 

Check out seccomp. It was designed for this use case.

florin
This is actually very good if it works! I will try to implement this and report here if it works. Thanks @florin!
arbithero
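
A minimal seccomp filter sandbox for the answer above, added here as an example (not code from the answer or from any project named on this page): a forked child installs an allowlist of write, exit and exit_group, so a call like the question's system(...) is killed with SIGSYS before anything is spawned. The names run_sandboxed, install_filter, benign and hostile are hypothetical, and Linux on x86-64 or aarch64 is assumed.

```c
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__aarch64__)
#define SANDBOX_ARCH AUDIT_ARCH_AARCH64
#else
#define SANDBOX_ARCH AUDIT_ARCH_X86_64 /* assumption: x86-64 otherwise */
#endif
/* If the loaded syscall number equals nr, allow it; otherwise fall through. */
#define ALLOW(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
                  BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)

/* Allowlist write, exit and exit_group; any other syscall kills the caller. */
static int install_filter(void) {
    struct sock_filter prog[] = {
        /* Reject foreign ABIs first so syscall numbers cannot be confused. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SANDBOX_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        ALLOW(SYS_write), ALLOW(SYS_exit), ALLOW(SYS_exit_group),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
    };
    struct sock_fprog fprog = { (unsigned short)(sizeof prog / sizeof prog[0]), prog };
    /* no_new_privs lets an unprivileged process install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

/* Run fn in a filtered child; return its exit code, or 128 + signal if killed.
   Exit code 125 means the filter could not be installed. */
int run_sandboxed(int (*fn)(void)) {
    int status;
    pid_t pid = fork();
    if (pid == 0) _exit(install_filter() == 0 ? fn() : 125);
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? 128 + WTERMSIG(status) : WEXITSTATUS(status);
}

int benign(void) { return write(STDOUT_FILENO, "ok\n", 3) < 0; } /* constructed: allowed */
int hostile(void) { return system("true"); } /* constructed: harmless command, still blocked */

int main(void) {
    return run_sandboxed(benign) == 0 && run_sandboxed(hostile) == 128 + SIGSYS ? 0 : 1;
}
```

A real compiled program needs a wider allowlist than this (memory mapping and reads of already-open descriptors at minimum), and the filter has to be installed before control passes to the untrusted code.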
+1  A: 

Geordi uses a combination of chroot and interception of syscalls to compile and then sandbox arbitrary code.

Roger Pate
Geordi source has a lot of ideas I can use. Thanks!
arbithero
A: 

Run it on a non-networked computer that you will re-image once it's done. There is no safe way to run it on a machine and continue to trust that machine afterwards.

Jonathan
Or, at least, a computer not on a local network.
Jonathan