Writing Sandboxed Software
I wrote a program recently, SyslogParse, to display apparmor and iptables rules based on violations found in my system log. I did this because my apparmor-utils packages always break / were quite slow...
View ArticleSandboxing: Seccomp Filters
This is the first installment on a series of various sandboxing techniques that I’ve used in my own code to restrict an applications capabilities. You can find a shorter overview of these techniques...
View ArticleSandboxing: Linux Capabilities
This is the second installment on a series of various sandboxing techniques that I’ve used in my own code to restrict an applications capabilities. You can find a shorter overview of these techniques...
View ArticleSandboxing: Chroot Sandbox
Sandboxing: Limited Users This is the fourth installment on a series of various sandboxing techniques that I’ve used in my own code to restrict an applications capabilities. You can find a shorter...
View ArticleSandboxing: Conclusion
In total I’ve written five methods for sandboxing code. These are certainly not the only methods but they’re mostly simple to use, and they’re what I’ve personally used. A large part of this sandboxing...
View Article