Sandboxing an executable in C

Question

I am working on an application written in C that needs to run executable files internally, because of the nature of the application I need to restrict the exe's from reading or writing anything to the computer.

How would I be able to restrict the file from accessing or altering files on the computer?

Answer 1

I don't think this is a necessarily C question.

A common technique is to run the program in a 'chroot jail'.

If you want to do it yourself from a C program, use the chroot system call (man 2 chroot).

Either approach restricts the program to be run in a limited (leaf or twig) part of the file system. That restricts the program to as little as you want to put in that directory and subdirectories. It can't get above the directory it was chroot'ed too, so the system is relatively safe.

This can take quite a lot of care to program correctly, so I'd recommend experimenting with the chroot command first.

No idea if Windows has a simlar mechanism, but *NIX and Mac do.

If this is 'for real' have a look at some jail break references, e.g. http://www.unixwiz.net/techtips/chroot-practices.html

Answer 2

By far the easiest way is to create a new user, with very few permissions, and then run the program as that user.

However, the method to do that differs depending on the system, linux you can run useradd, and windows will almost certainly be possible through the windows api.