LWN.net Logo

DJB's suggestion of how to isolate a process

Posted Jan 7, 2010 19:24 UTC (Thu) by pjm (subscriber, #2080)
In reply to: The isolate utility by tialaramex
Parent article: The isolate utility

The quoted text is in the context of what one can get with “existing UNIX tools”. The paper goes on to claim that short of “severe operating-system bugs”, the result is that the process “has no communication channels other than its initial file descriptors”.

Does anyone dispute this claim, or have a better suggestion of how to implement that result with standard UNIX interfaces?

(I haven't looked into the bug mentioned, though I'd guess that isolate(1) is a world-executable setuid utility that has a bug allowing arbitrary code execution before doing the setuid step, rather than being a bug in the approach quoted from the DJB paper. Anyone who's looked into it, please either confirm or refute this guess.)


DJB's suggestion of how to isolate a process

Posted Jan 7, 2010 23:10 UTC (Thu) by drag (subscriber, #31333)

Man, the more I look at it, the more something like this screams out for LXC.

It does not depend on chroot. It is not complicated to set up like SELinux.
And it does not need to run as root to manage the VM.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds