Emont: Video decoding in a sandbox
Guillaume Emont describes
his work using the Chromium sandbox mechanism to make video decoding in
GStreamer more secure. "The way setuid-sandbox works is rather
straightforward: there is a sandboxme command that needs to be installed
setuid root. You run sandboxme my_command and then, from inside my_command,
you first set up the file descriptors that you will need (being careful not
to put there anything that could allow escaping the sandbox, more on that
later), and then you call the provided chrootme() function, which will tell
the sandboxme process to restrict the privileges that my_command has
(e.g. it can still read and write on the fds that it has open, but it
cannot open new ones)."
