
UNIX spawn sandboxed process

In my scenario, the parent process generates some machine code (dynamically); this code should then be executed by the child process. The child process should not be able to access the parent's resources (so no forking), for security reasons; it has to be as restricted as possible. I want something like this:

process_handle x;
give_memory_page_to_process(x, mempage); // allows x to access the page
/*some more pages for the child*/
/*remove the memory pages from the parent process*/
execute(x); // should create a process with just the given pages 

To set up an empty vessel, you will need to fork() then have the child exec() into an empty process which you will then write into. The easiest way is probably to have the parent generate its machine code into an ELF (or other) format file, and have the child close fds, etc., then exec it.

Since the initial child (after fork) is identical to the parent, there is no security issue yet. The child is then going to shut down all its fds, possibly chroot()ing to somewhere restrictive, that the parent has placed the generated code into. The child then exec()s that generated code.

If you are worried somebody can attack the executable inside your chrooted directory, why aren't you worried that they can attack the parent? Same permissions....
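The fork / close-fds / chroot / exec sequence described in the answer above, as an added example that is not part of the original thread. The parent writes its "generated" image to a read+exec-only file, fork()s, and the child closes every inherited descriptor, optionally chroot()s, and exec()s the image; the parent gets back the child's exit status. The function names, the `/tmp/gencode_XXXXXX` path, and the use of a constructed shell script as a stand-in for a real ELF image are assumptions; the script exits 9 if it can still see a pipe the parent opened before fork() and 7 if descriptor isolation held, so the exit status doubles as a check that the close-fds step worked.

```c
/* Added example (not from the original thread). Assumed names and the
   script-as-image stand-in are illustrative only. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Close every descriptor above stderr so the child inherits none of the
   parent's open files, sockets or pipes. */
static void close_inherited_fds(void)
{
    struct rlimit rl;
    long max_fd = 1024;
    if (getrlimit(RLIMIT_NOFILE, &rl) == 0 && rl.rlim_cur != RLIM_INFINITY)
        max_fd = (long)rl.rlim_cur;
    if (max_fd > 65536)            /* keep the loop bounded on huge limits */
        max_fd = 65536;
    for (long fd = 3; fd < max_fd; fd++)
        close((int)fd);
}

/* Write the generated image to a fresh file (mkstemp pattern, modified in
   place), owner read+exec only so the child cannot rewrite its own code.
   Returns 0 on success, -1 on failure. */
static int write_generated_image(char *path_template, const void *image, size_t len)
{
    int fd = mkstemp(path_template);
    if (fd < 0) return -1;
    const char *p = image;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) { close(fd); unlink(path_template); return -1; }
        p += n; len -= (size_t)n;
    }
    if (fchmod(fd, S_IRUSR | S_IXUSR) != 0) { close(fd); unlink(path_template); return -1; }
    close(fd);
    return 0;
}

/* fork(), lock the child down, exec() the image. Returns the child's exit
   status: 127 if exec failed, 126 if chroot failed, 128+signal if killed.
   chroot_dir may be NULL; when set, exe_path is resolved inside the new
   root and chroot() itself needs root / CAP_SYS_CHROOT. */
static int spawn_sandboxed(const char *exe_path, const char *chroot_dir, const char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close_inherited_fds();
        if (chroot_dir && (chroot(chroot_dir) != 0 || chdir("/") != 0))
            _exit(126);
        execv(exe_path, (char *const *)argv);
        _exit(127);                /* only reached if exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFEXITED(status)) return WEXITSTATUS(status);
    return 128 + WTERMSIG(status);
}

/* Convenience: run a shell command in a sandboxed child (no chroot). */
static int run_sh(const char *cmd)
{
    const char *const argv[] = { "sh", "-c", cmd, NULL };
    return spawn_sandboxed("/bin/sh", NULL, argv);
}

/* End-to-end demo. The "generated code" is a constructed shell script
   standing in for a real ELF. A pipe is opened and dup'd to fd 200
   before fork(); the script exits 9 if fd 200 is still visible in the
   child, 7 if it was closed. */
static int demo_pipeline(void)
{
    int pipefd[2];
    if (pipe(pipefd) != 0) return -1;
    int probe = 200;
    int dupped = (dup2(pipefd[1], probe) == probe);
    if (!dupped) probe = pipefd[1];
    char image[128];
    int n = snprintf(image, sizeof image,
                     "#!/bin/sh\nif [ -e /dev/fd/%d ]; then exit 9; fi\nexit 7\n", probe);
    char path[] = "/tmp/gencode_XXXXXX";   /* assumed scratch location */
    if (write_generated_image(path, image, (size_t)n) != 0) return -1;
    /* Run through /bin/sh so the demo works even where /tmp is noexec;
       a real image would be exec'd directly: spawn_sandboxed(path, ...). */
    const char *const argv[] = { "sh", path, NULL };
    int rc = spawn_sandboxed("/bin/sh", NULL, argv);
    unlink(path);
    if (dupped) close(probe);
    close(pipefd[0]); close(pipefd[1]);
    return rc;
}

int main(void)
{
    int rc = demo_pipeline();
    printf("sandboxed child exited with %d (7 = fds isolated, 9 = fd leaked)\n", rc);
    return rc == 7 ? 0 : 1;
}
```

Two things the answer's design leaves to the implementer are visible here: chroot() only helps if the image is placed inside the new root before fork(), and closing descriptors has to happen in the child after fork() but before exec(), because once the new image runs there is nothing trusted left to do it.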
