The sandbox technology is organized around 2 processes:
An executor sets up and runs the monitor:
- Also known as parent, supervisor or monitor
- By itself is not sandboxed
- Is regular C++ code using the Sandbox2 API.
The sandboxee, a child program running in the sandboxed environment:
- Restrict the sandboxee to a set of allowed syscalls and their arguments
- The tighter the policy, the better
A really tight policy could deny all except reads and writes on standard input and output file descriptors. Inside this sandbox, a program could take input, process it, and send the output back.
- The processing is not allowed to make any other syscall, or else it is killed for policy violation.
- If the processing is compromised (code execution by a malicious user), it cannot do anything bad other than producing bad output (that the executor and others still need to handle correctly).
The sandbox relies on seccomp-bpf provided by the Linux kernel. seccomp is a Linux kernel facility for sandboxing and BPF is a way to write syscall filters (the very same used for network filters). Read more about seccomp-bpf on Wikipedia.
Filesystem accesses are restricted with the help of Linux user namespaces. User namespaces allow to drop the sandboxee into a custom chroot environment without requiring root privileges.
Read our Getting started page to set up your first sandbox.