Skip to content

Fend — This sandbox guards all access to all files by a program. If an access is disallowed the offending system call will return the EACESS error code.

Notifications You must be signed in to change notification settings

sjha4/Fend-Sandbox

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Fend — This sandbox guards all access to all files by a program. If an access is disallowed the offending system call will return the EACESS error code.

#Invocation:

fend [-c config] <command [args ...]> where config is an optional configuration file and command is the program the is being sandboxed. If the config file option is not given, the program will look for a file named .fendrc first in the current working directory and second in the user's home directory. If none are found, exit with the message "Must provide a config file." Fend is more restrictive then the OS. It will not permit accesses that the OS prohibits.

#Configuration file

The configuration file contains one specification per line. Each specification contains a permission and one glob pattern (see wiki and glob(3) man page). The fields are separated by any number of spaces or tabs. The permission is a 3-bit binary digit, representing in order read, write, and execute permissions. See chmod(1) man page. Therefore,

111 foo.txt is full permission and 000 foo.txt is complete denial. It is possible that more than one specification matches a given file name. In such a case, the last match is the one that holds. For example, suppose the following two-line configuration file.

000 /usr/foo/* 110 /usr/foo/bar

The file "/usr/foo/bar" matches both lines. Therefore, the last line (110) holds. This is useful for denying access to all files in directory except for an enumerated few.

File names presented to the guarded system calls are generally absolute paths. Therefore, globs based on relative paths names (such as "foo" or "../bar") will not work as you may think. Globs, however, do not need to be absolute paths. For example the glob "*/foo" refers to every file named foo regardless of which directory contains it.

No Implicit Restrictions

If no specification matches the file name, then fend will not restrict the access. If you would like fend to restrict access to all files then include the specification: 000 * at the top of the config file.

About

Fend — This sandbox guards all access to all files by a program. If an access is disallowed the offending system call will return the EACESS error code.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published