Reputation: 23
I'd like to run a script on UNIX with restricted privileges. Specifically, I'd like to run code that I received without letting it send data. My current solution is to:
iptables to block all outgoing traffic for the dummy user.
su - dummy -c 'command'.
The way I achieve step 2 above is as described in this page. Specifically, I use the following command to add a new rule:
sudo iptables -I OUTPUT -m owner --uid-owner dummy -j DROP
When I now try to ping a web address by switching to the dummy account, the ping indeed fails because I added the rule to iptables. Here's that command:
> su - dummy -c 'ping www.google.com'
ping: unknown host www.google.com
Same goes for attempting to use traceroute. However, when I try to send an email in a similar way using mutt, it succeeds:
su - dummy -c 'echo "test" | mutt -s test [emailaddress]'
Why doesn't the rule block this, and more generally, how do I ensure all outgoing traffic is blocked for the program I'm running?
Upvotes: 1
Views: 223
Reputation: 16399
Here is a guide to setting up a chroot jail, which it seems you need.
https://help.ubuntu.com/community/BasicChroot
This allows you to control what commands can be executed; you can limit users' access to things like mutt with no problem. You grant access; you do not have to figure out what to deny, because all commands are blocked by default. This makes setting things up far simpler.
Upvotes: 0
Reputation: 1772
mutt uses a mail server to send the email, and that's most likely not running with the uid of dummy.
Upvotes: 1
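The point made in the answer above, as an added example that is not part of the original thread: the owner match compares the uid of the process that creates each socket, so a connection opened by the mail server on dummy's behalf is not covered by a rule naming dummy. The function name `unmatched_sockets`, the uids (1001 for dummy, 105 for the mail server), the process names and the addresses are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample data; the uids, process names and addresses are assumptions.
# uid 1001 = dummy, uid 105 = the local mail server's delivery process.
# Rules are written the way `iptables -S OUTPUT` prints them (numeric uid).
RULES='-P OUTPUT ACCEPT
-A OUTPUT -m owner --uid-owner 1001 -j DROP'

# One line per outbound socket: "uid command destination".
SOCKETS='1001 ping 192.0.2.53:53
1001 traceroute 192.0.2.53:53
105 smtp 198.51.100.25:25'

# Print the sockets that no "owner ... DROP" rule in the OUTPUT chain matches.
# $1: rule lines, $2: socket lines in the format shown above.
unmatched_sockets() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
        $0 == "---" { in_sockets = 1; next }
        # Rule section: remember every uid that a DROP rule names.
        # Negated matches (! --uid-owner) are skipped, not evaluated.
        !in_sockets {
            uid = ""; drop = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "--uid-owner" && $(i - 1) != "!") uid = $(i + 1)
                if ($i == "-j" && $(i + 1) == "DROP") drop = 1
            }
            if ($1 == "-A" && $2 == "OUTPUT" && uid != "" && drop) dropped[uid] = 1
            next
        }
        # Socket section: the match is on the uid that owns the socket,
        # not on the uid of the user who started the chain of commands.
        NF && !($1 in dropped) { print }
    '
}

# The DNS lookups made as dummy are dropped; the SMTP connection is not.
unmatched_sockets "$RULES" "$SOCKETS"
```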