seccomp-nurse is a sandboxing framework based on SECCOMP. It is designed to run applications in a kind of jail enforced by the kernel. It does not use ptrace() at all.
seccomp-nurse uses two processes: one runs the "untrusted code", the other is the helper, which acts as the referee between the untrusted process and the kernel.

A process running under SECCOMP (strict mode) can only call read(), write(), _exit() and sigreturn(); this is insufficient to execute even the simplest binary. To work around this limitation, the untrusted process is split into two threads (called untrustee and trustee):
- The untrustee runs the untrusted code; its syscalls are trapped and handled by the helper.
- The trustee has only one task: do whatever the helper orders. It has zero interaction with the untrustee, which is considered hostile.

The helper is a Python application implementing access control: when the untrustee issues a syscall, the helper is notified and decides whether to deny it, delegate it to the trustee, or let the untrustee execute the syscall itself (if a syscall executed by the untrustee is not allowed by the kernel, it will be
How to use it?

$ git clone git://github.com/nbareil/seccomp-nurse.git
$ cd seccomp-nurse/
$ make
$ ./sandbox -- /usr/bin/python

Easy, isn't it?
Here is a demonstration of seccomp-nurse running the Python interpreter in the sandbox. The purpose of this video is to show the ACL engine configured to restrict the open() syscall to whitelisted directories only (/secret obviously not being included). However, the access() ACL was configured to always return "OK", so the interpreter is told the file is accessible even though open() on it is denied.
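To make the helper's role concrete (the deny / delegate / let-the-untrustee-run-it decision described above, and the open()-whitelist-with-permissive-access() policy of the demonstration), here is a toy ACL engine written for this page. It is an added example, not seccomp-nurse's own helper code: the syscall names, the decoded argument tuples, the whitelist, the FAKE verdict used to model "access() always returns OK", and the sample trace are all assumptions made for the illustration.

```python
"""A toy ACL engine for a syscall-interposition helper.

Added illustration, not seccomp-nurse's own helper code. It models the three
outcomes the page describes (deny, delegate to the trustee, or let the
untrustee run the syscall itself) plus a fourth, FAKE, to express a rule such
as "access() always returns OK" without executing anything. Syscall names,
argument decoding and the policy below are assumptions made for the example.
"""
import errno
import posixpath
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Verdict(Enum):
    ALLOW = "allow"        # untrustee issues the syscall itself (kernel permits it)
    DENY = "deny"          # helper answers with -errno, nothing is executed
    DELEGATE = "delegate"  # trustee thread performs it, result is shipped back
    FAKE = "fake"          # helper answers with a chosen value, nothing is executed


@dataclass(frozen=True)
class Decision:
    verdict: Verdict
    ret: Optional[int] = None  # value handed back to the untrustee for DENY/FAKE


# Syscalls a strict-mode SECCOMP process may execute on its own; anything else
# would get the untrustee killed by the kernel, so it has to go through the helper.
KERNEL_ALLOWED = frozenset({"read", "write", "_exit", "sigreturn"})

# Never serviced in this toy policy: the page states exec*() will never be
# supported, and fork()/threads are not supported either.
NEVER = frozenset({"execve", "fork", "vfork", "clone"})


class AclEngine:
    """Path-based policy for open(), evaluated on a copy of the arguments.

    General design note for any helper of this kind: decide on a path copied out
    of the untrustee once, and have the trustee open that same copy. Re-reading
    untrustee memory after the decision would let a hostile untrustee swap the
    path between check and use (a classic TOCTOU).
    """

    def __init__(self, cwd: str, open_whitelist: list[str]) -> None:
        self.cwd = cwd
        # Canonical directories with a trailing slash, so that /tmp matches
        # /tmp/file but not /tmpfoo/file.
        self.open_whitelist = [posixpath.normpath(d).rstrip("/") + "/" for d in open_whitelist]

    def _canon(self, path: str) -> str:
        if not path.startswith("/"):
            path = posixpath.join(self.cwd, path)
        # normpath folds "." and ".." lexically; a real helper should also
        # resolve symlinks (os.path.realpath) before matching.
        return posixpath.normpath(path)

    def open_allowed(self, path: str) -> bool:
        p = self._canon(path) + "/"
        return any(p.startswith(d) for d in self.open_whitelist)

    def decide(self, syscall: str, args: tuple) -> Decision:
        if syscall in KERNEL_ALLOWED:
            return Decision(Verdict.ALLOW)
        if syscall in NEVER:
            return Decision(Verdict.DENY, -errno.EPERM)
        if syscall == "open":
            if self.open_allowed(args[0]):
                return Decision(Verdict.DELEGATE)
            return Decision(Verdict.DENY, -errno.EACCES)
        if syscall == "access":
            # The demonstration's rule: always report success, whatever the path.
            return Decision(Verdict.FAKE, 0)
        # Default-deny everything the policy does not know about.
        return Decision(Verdict.DENY, -errno.ENOSYS)


def run_trace(engine: AclEngine, trace: list[tuple]) -> list[str]:
    """Return the verdict name for each (syscall, args) pair in the trace."""
    return [engine.decide(name, args).verdict.value for name, args in trace]


# Constructed trace standing in for what an interpreter in the sandbox might
# attempt; the paths are invented for the example.
SAMPLE_TRACE = [
    ("open", ("/tmp/data.txt", "O_RDONLY")),
    ("access", ("/secret/key", "R_OK")),
    ("open", ("/secret/key", "O_RDONLY")),
    ("open", ("/tmp/../secret/key", "O_RDONLY")),
    ("open", ("/tmpfoo/x", "O_RDONLY")),
    ("write", (1, b"hello\n")),
    ("execve", ("/bin/sh",)),
    ("getpid", ()),
]

if __name__ == "__main__":
    eng = AclEngine(cwd="/tmp", open_whitelist=["/tmp", "/usr/lib"])
    for (name, args), verdict in zip(SAMPLE_TRACE, run_trace(eng, SAMPLE_TRACE)):
        print(f"{name}{args!r:<40} -> {verdict}")
```

Running it shows the behaviour from the video in miniature: open("/secret/key") is denied, the ".." and "/tmpfoo" variants are denied because matching is done on the normalized path with a directory boundary, access("/secret/key") is answered with 0 without touching the file, and write() is left to the untrustee because the kernel permits it in SECCOMP mode.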
- libevent: thanks to Fabrice Desclaux, security issues were addressed and sockets are now supported! The targeted application was the HTTPD daemon from
seccomp-nurse can run pdftotext successfully! Woo! However, there are still a lot of things to do; see the commit message to get an idea.
Updated @: it even runs the Python interpreter!
/usr/bin/python just needs to be compiled with
- dlopen() not supported yet
- fork() and threads are not (yet?) supported
- socket() support is almost ready
- exec*() will never be supported
- Signals not supported
At the moment, there is no security check implemented. The sandbox is wide open! It will be the next step.
- Ekoparty's slides
- Blog post about "SECCOMP as a sandboxing solution?"
- Blog post about "How system calls work on Linux?"
- Chrome browser:
No release has been made yet, but you can clone the development repository!
seccomp-nurse is free software available under the GNU General Public License, version 2. Sources are available on GitHub: http://github.com/nbareil/seccomp-nurse/