similar to: virt-sandbox of X applications

I'm trying to make a security sandbox. For example, lets say my program has a LoadInst in the LLVM IR and I know I want to confine the address range this LoadInst is accessing. Maybe that LoadInst gets emitted as a MOV machine code instruction by the backend. During execution an attacker could potentially control the operands of the MOV instruction through some exploit, but usually he

Hello, I''m new to puppet and facter. Initially we are planning on using facter/puppet to inventory machines (Mac, Ubuntu, and RHEL). We plan on writing a number of custom facts. Obviouly some of the facts will only be specific to some OSs. I know there is a "confine" method, but it confuses me. It seems the confine statement in some of the recipes and in the Turnbull book is

Is there any documentation/tutorial that explains how to use virt-sandbox-service? After looking at some writeups about virt-sandbox-service, this looks like a good tool for something I need to do. But, following the "examples" I cannot get anything to work correctly. With a simple xfce install with httpd, lighttpd, and libvirt-sandbox installed, I tried: 1. virt-sandbox-service

Moat of the advanced persistent threats (APT) are initiated via e-mail. Opening an attachment or clicking on a web link starts the process. Why isn't Firefox and Evolution confined with SELinux policy in a way that APT can't damage the rest of the system? Why are we not sandboxing these two apps with SELinux? I've discovered some guidance for sandboxing Firefox using the

Hi while writing facts I heavily use confines to avoid that facts get loaded where they shouldn''t. However I didn''t yet find out how I can add a multiple decision to a confine. so normally I have confine :kernel => :linux but what when kernel can be linux or sunos? just add 2 confines? or can I nest them? something like confine :kernel => :linux||:sunos would be nice.

Hi. Is is possible to use GPG on the host instead of NSS with virtual smartcards? Please document how or add support for it. Can a virtual smartcard make the host less secure? If there are bugs in GPG/NSS backend on the host can they be abused by untrusted code in the vm?

I'm trying to build libvirt-sandbox under ubuntu 12.10 sudo apt-get install git build-essential lxc libvirt-bin libvirt-glib-1.0 libglib2.0-0 libglib2.0-dev gtk-doc-tools libxml2-dev libselinux-dev git clone git://libvirt.org/libvirt-sandbox.git cd libvirt-sandbox sudo ./autobuild The error I'm getting: make[2]: Entering directory `/home/user/libvirt-sandbox/build/bin' CC

Hello, I''m having some trouble. I keep getting the following warnings when trying to run: $ puppet master --no-daemonize /usr/local/build/puppet-bundle/vendor/gems/ruby/1.9.1/gems/ puppet-2.7.12/lib/puppet/external/pson/pure.rb:7:in `<module:PSON>'': iconv will be deprecated in the future, use String#encode instead. Could not load confine test

I'm considering using virt-sandbox with lxc to sandbox and execute untrusted code like python scripts and compiled C code. Is it possible to limit CPU and Memory like is possible with lxc-execute and a config file? What are the defaults security settings? Is it completely isolated by default? What's the difference between lxc-execute and libvirt-sandbox? How can I use it in ubuntu?

Hi all. I have an old windows VM with an oldish cygwin that I use for the regression tests. Investigating one of the test failures, I see that it's for UsePrivilegeSeparation=sandbox, and it seems to be because setrlimit(RLIMIT_FSIZE, ...) is not supported. IMO, this isn't a big loss, since the most useful thing in the rlimit "sandbox" is the descriptor limits. Can anyone see

Quick and dirty: --- lib/facter.rb (revision 203) +++ lib/facter.rb (working copy) @@ -989,6 +989,18 @@ %x{/usr/sbin/scutil --get LocalHostName} end end + Facter.add(:interfaces) do + confine :kernel => :linux + setcode do + %x{/sbin/ifconfig -a -s}.split($/)[1..-1].collect {|line|

Dear all, I have been trying to set up the set up Libvirt Sandbox without success. I want to use virt-sandbox in order to run untrusted programs in a secure environment. I am had no knowledge about virtualization until a couple of days ago, so I am probably doing something wrong. The scenario is the following: Linode instance. OS that I have tried: Ubuntu 14.04, Ubuntu 14, Fedora 21. Both

I'm attempting to build/use libvirt-sandbox on Ubuntu 12.xx. Although I'm still working through dependency issues (including the need for libvirt >= 1.0.2 which is not packaged for ubuntu 12.xx) to build the sandbox code, I have a forward looking question. It appears libvirt-bin for Ubuntu likes apparmor as does most Ubuntu based packages using a LSM impl. However, as I understand

I am using the Paypal Library for ruby (http://dist.leetsoft.com/api/paypal/) I have been testing it in development mode and the paypal sandbox site. Now I have moved my application into production mode but the paypal url still goes to the sandbox site: https://www.sandbox.paypal.com/cgi-bin/webscr How do I change the paypal URL? -- Posted via http://www.ruby-forum.com/.

Hello, I have a simple C program that uses libguestfs to extract info about disk usage from a libvirt domain. It works when ran manually as root, but fails when started as a systemd service. I'm attaching the service file, source code and verbose logs from both the successful manual run and from the service journal. SELinix is disabled. Error messages: libguestfs:

Recently I''ve found out some mentions to the "--sandbox" parameter to the "rails console" command. And I found the idea interesting, but since I''m using Sequel instead of ActiveRecord I guessed this wouldn''t work for me. But after talking about this subject in the Sequel mailing list, Jeremy Evans has brought to my attention that there are some

Hi, The systrace and rlimit sandboxes have been committed and will be in snapshots dated 20110623 and later. This diff adds support for pre-auth privsep sandboxing using the OS X sandbox_init(3) service. It's a bit disappointing that the OS X developers chose such as namespace-polluting header and function names "sandbox.h", "sandbox_init()", etc. It already forced me to

Hello, I’ve been using LLVM IR passes for my research for about a year now, but for my next step I think I might have to dig into a backend. I'm hoping someone could give me a pointer on how to get started. The thing I would like to do is add and override address-size override prefix [1] to a given x86-64 instruction. I’m hoping I can do something like: 1) Mark some IR instructions with

Hello, I have a setup similar to Rweb ( http://www.math.montana.edu/Rweb/ ): I get R scripts from users and need to execute them in in a safe manner (they are executed automatically, without human inspection). I would like to limit the user's script to reading from STDIN and writing to STDOUT/ERR. Specifically, preventing any kind of interaction with the underlying operating system (files,

Hi, I've added R_init_data_table to the "data.table" package (which has a dot in its name). This works well in R 2.15.0, because of this from the Writing R Extensions manual : " Note that there are some implicit restrictions on this mechanism as the basename of the DLL needs to be both a valid file name and valid as part of a C entry point (e.g. it cannot contain ?.?): for