tags:

views:

54

answers:

4
+2  Q: 

Giving a unix process exclusive RW access to a directory

Is there a way to sandbox a linux process into a certain directory, and give this process exclusive rw access to this dir? For example, create a temporary working directory, and start e.g. python or another scripting tool in such a way that it can only write in this directory, without limiting too much of its functionality. And also that only this process can access read from this directory (except for superusers of course).

I need this to sandbox a web service that basically allows users to run arbitrary code. We currently do authorization in the software itself, but in the end all processes run as one and the same linux user. We would need a way in which a user cannot do any harm on the system, but does have a temporary private working directory to write and read files that is protected from the other users of the webservice.

A: 

in such a way that it can only write in this directory, without limiting too much of its functionality.

Wow, this sounds almost magical. Hardly a programming question.

karlphillip  2010-10-26 00:31:34
A: 

Sounds like you want something like the Linux equivalent of the FreeBSD Jail, or at least something quite similar. This blog posting contains the description of a tool with the same name at least.

Marc  2010-10-26 01:00:42
+1  A: 

File permissions are based on owner/group not process so multiple programs run by the same user are going to be able to access owned directories. However if you create a temporary directory for each process before it runs and then chroot() it then no process should be able to get out of its chroot jail to access other directories.

The basic notion is that the temp directory becomes the top of the directory tree as far the process is concerned. The process doesn't know about, nor can it change to, anything above it. Otherwise it can read/write create/delete whatever to its heart's content in its sandbox.

For instance:

/rundir
/rundir/temp1  <-- process 1 chroot jailed here, can't go above
/rundir/temp2  <-- process 2 chroot jailed here, can't go above

See also "man 8 chroot".

Duck  2010-10-26 02:51:06
A: 

You could use a kernel patch like Grsecurity (there are others that could do the job, I think, look for SELinux and AppArmor) to enforce RBAC (role-based access control) for a certain process.

I think using a security enhanced kernel is a must, given your usage scenario.

Unknown  2010-10-26 06:44:24

related questions

grep a file, but show several surrounding lines?
VMWare Server Under Linux Secondary NIC connection
Should I move from C++ to Python? ... Or another language?
Globus Toolkit virtual machine
How to avoid redefining VERSION, PACKAGE, etc.
How do I setup Public-Key Authentication?
showing a message box from a bash script in linux
Best Linux Distro for Computer Repair
Mapping my custom keys in Debian
Any IcedTea war stories?
How do you find the age of a long-running Linux process?
Personal Linux web server
Programmatically talking to a Serial Port in OS X or Linux
what's in your .bashrc ?
Linux - files and scripts that execute on boot
Text Editor For Linux (Besides Vi)?
Lightweight IDE for Linux
Shell scripting input redirection oddities
XML Editing/Viewing Software
What should a longtime Windows user know when starting to use Linux?
Gtk SSH client for Linux?
Getting root permissions on a file inside of vi?
Is it possible to drag windows between workspaces when using Compiz?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?