Google's Chromium sandbox
Posted Aug 23, 2009 14:49 UTC (Sun) by i3839 (guest, #31386)
Parent article: Google's Chromium sandbox
As part of my bachelor project I have worked on rewriting a ptrace-based jailer. The old implementation was too big and complicated; the new one is only a few thousand lines of code. This is a generic jailer which is not racy. Among other things it prevents time-of-check-to-time-of-use race conditions, but it also prevents races between different system calls like rename and open, and symlink trickery. The current version supports Linux 2.6, but 2.4 or BSD support can be added too. Adding support for architectures other than x86 is trivial.
For its design see http://www.cs.vu.nl/~guido/publications/ps/secrypt07.pdf
The rewritten version does some things differently and doesn't yet support all features of the original one. The code isn't released yet, but we plan to release it under a BSD-like license. If interested, email Guido or me (indan@nul.nu).
