Painless Linux sandboxing API

移至檔案

Albert S. ad9c391e3f QSSB_FS_ALLOW_WRITE does not imply ALLOW_READ anymore Landlock can handle write access without it implying read access, in contrast to the existing bind mounts solution. Hence, remove ALLOW_READ from ALLOW_WRITE bitmask.		2021-05-22 20:05:31 +02:00
README.md	Update README.md: Update example projects links, minor improvements	2020-09-26 17:23:51 +02:00
qssb.h	QSSB_FS_ALLOW_WRITE does not imply ALLOW_READ anymore	2021-05-22 20:05:31 +02:00

README.md

qssb.h (quite simple sandbox)

qssb.h is a simple header only library that provides an interface to sandbox applications on Linux. Using Seccomp and Linux Namespaces for that purpose requires some knowledge of annoying details which this library aims to abstract away as much as possible.

Status

No release yet, API is unstable.

Features

Systemcall filtering
restricting file system access
dropping privileges
isolating the application from the network, etc.

Requirements

Kernel >=3.17 sys/capabilities.h header. Depending on your system, libcap might be needed for this.

FAQ

Does the process need to be priviliged to utilize the library?

No.

It doesn't work on Debian!

You can thank a Debian-specific patch for that. In the future, the library may check against that. Execute echo 1 > /proc/sys/kernel/unprivileged_userns_clone to disable that patch for now.

Documentation

To be written

Examples

qswiki: https://gitea.quitesimple.org/crtxcr/qswiki
cgit sandboxed: https://gitea.quitesimple.org/crtxcr/cgitsb
qpdfviewsb sandboxed (quick and dirty): https://gitea.quitesimple.org/crtxcr/qpdfviewsb

Contributing

Contributions are very welcome. Options:

Pull-Request: github.com/quitesimpleorg/qssb
Mail to qssb at quitesimple.org with instructions on where to pull the changes.
Mailing a classic patch.

License

ISC