daveho / easysandbox Goto Github PK

View Code? Open in Web Editor NEW

157.0 157.0 28.0 66 KB

really simple sandboxing of untrusted C programs using Linux SECCOMP

C 84.60% Makefile 3.18% Shell 4.65% C++ 7.57%

easysandbox's People

Contributors

Stargazers

Watchers

easysandbox's Issues

Statically linked binaries

LD_PRELOAD won't work considering a case when the untrusted binary is compiled statically.

Wrong statement in README.md

...It is entirely possible that future changes to glibc could break EasySandbox.

glibc is backward compatible, not forward compatible, meaning any changes to glibc would definitely not effect EasySandbox.

More Information: https://developers.redhat.com/blog/2019/08/01/how-the-gnu-c-library-handles-backward-compatibility

__libc_start_main can be overrided without `-nostdlib` option

As is described in the document

 long as gcc/g++ is invoked without the -nostdlib option, any attempt by the untrusted code to define an entry point (_start function) will result in a linker error, because the name _start will conflict with the real _start function defined in crt1.o

However, as I tested, there is no linker error.

#define _BSD_SOURCE // readlink
#include <dlfcn.h>
#include <stdlib.h> // exit
#include <string.h> // strstr, memset
#include <link.h>   // ElfW
#include <errno.h>  // EPERM
#include <unistd.h> // readlink
#include <seccomp.h>
#include <stdio.h>
typedef int (*main_t)(int, char **, char **);

#ifndef __unbounded
# define __unbounded
#endif

int __libc_start_main(main_t main, int argc, 
    char *__unbounded *__unbounded ubp_av,
    ElfW(auxv_t) *__unbounded auxvec,
    __typeof (main) init,
    void (*fini) (void),
    void (*rtld_fini) (void), void *__unbounded
    stack_end)
{

    int i;
    ssize_t len;
    void *libc;
    int (*libc_start_main)(main_t main,
        int,
        char *__unbounded *__unbounded,
        ElfW(auxv_t) *,
        __typeof (main),
        void (*fini) (void),
        void (*rtld_fini) (void),
        void *__unbounded stack_end);

    // Get __libc_start_main entry point
    libc = dlopen("libc.so.6", RTLD_LOCAL  | RTLD_LAZY);
    if (!libc) {
        exit(1);
    }

    libc_start_main = dlsym(libc, "__libc_start_main");
    if (!libc_start_main) {
        exit(2);
    }
    printf("Hijacked\n");    
    return ((*libc_start_main)(main, argc, ubp_av, auxvec,
                 init, fini, rtld_fini, stack_end));
}

int main()
{
    printf("Heloo world");
    return 0;
}

gcc 1.c -ldl -o test && ./test

gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04)

Although run this code with EasySandbox will get a segment fault, I think it maybe an way to bypass sandbox.

Maybe we can disable -ldl option to prevent using dlopen function.

EasySandbox tests are not passing in Fedora after compliation

gcc version: 9.1.0 (have tried 12.x)
g++ version: 9.1.0(have tried 12.x)
make version: 4.4.1 (have tried 3.82)

Logs when compiling initially using make:

gcc -c -fPIC -std=c99 -g -Wall -D_BSD_SOURCE   EasySandbox.c
In file included from /usr/include/unistd.h:25,
                 from EasySandbox.c:40:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -c -fPIC -std=c99 -g -Wall -D_BSD_SOURCE   malloc.c
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from malloc.c:24:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -shared -o EasySandbox.so EasySandbox.o malloc.o -ldl
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test01 t/test01.c -lm
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test02 t/test02.c -lm
In file included from /usr/include/unistd.h:25,
                 from t/test02.c:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test03 t/test03.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test03.c:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test04 t/test04.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test04.c:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test05 t/test05.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test05.c:5:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test06 t/test06.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test06.c:4:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test07 t/test07.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test07.c:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test08 t/test08.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdlib.h:26,
                 from t/test08.c:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
g++ -g -Wall -D_BSD_SOURCE  -o t/test09 t/test09.cpp -lm
In file included from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/os_defines.h:39,
                 from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/c++config.h:524,
                 from /usr/local/include/c++/9.1.0/iostream:38,
                 from t/test09.cpp:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
g++ -g -Wall -D_BSD_SOURCE  -o t/test10 t/test10.cpp -lm
In file included from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/os_defines.h:39,
                 from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/c++config.h:524,
                 from /usr/local/include/c++/9.1.0/iostream:38,
                 from t/test10.cpp:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
g++ -g -Wall -D_BSD_SOURCE  -o t/test11 t/test11.cpp -lm
In file included from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/os_defines.h:39,
                 from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/c++config.h:524,
                 from /usr/local/include/c++/9.1.0/iostream:38,
                 from t/test11.cpp:4:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
g++ -g -Wall -D_BSD_SOURCE  -o t/test12 t/test12.cpp -lm
In file included from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/os_defines.h:39,
                 from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/c++config.h:524,
                 from /usr/local/include/c++/9.1.0/iostream:38,
                 from t/test12.cpp:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test13 t/test13.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test13.c:3:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
g++ -g -Wall -D_BSD_SOURCE  -o t/test14 t/test14.cpp -lm
In file included from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/os_defines.h:39,
                 from /usr/local/include/c++/9.1.0/x86_64-pc-linux-gnu/bits/c++config.h:524,
                 from /usr/local/include/c++/9.1.0/iostream:38,
                 from t/test14.cpp:4:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
      |   ^~~~~~~
gcc -std=c99 -g -Wall -D_BSD_SOURCE   -o t/test15 t/test15.c -lm
In file included from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from t/test15.c:1:
/usr/include/features.h:194:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
  194 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"

Compile successfully finishes however without any errors (only warnings present). But the tests don't pass. The following is the log when running the tests:

./runalltests.sh t/test01 t/test02 t/test03 t/test04 t/test05 t/test06 t/test07 t/test08 t/test09 t/test10 t/test11 t/test12 t/test13 t/test14 t/test15
Executing t/test01...failed (exit code mismatch, expected 0, got 139)
Executing t/test02...1a2
> Hello, world
failed (output mismatch, expected [<<entering SECCOMP mode>>
Hello, world], got [<<entering SECCOMP mode>>])
Executing t/test03...failed (exit code mismatch, expected 137, got 139)
Executing t/test04...1a2
> 500500
failed (output mismatch, expected [<<entering SECCOMP mode>>
500500], got [<<entering SECCOMP mode>>])
Executing t/test05...1a2
> Hello, world
failed (output mismatch, expected [<<entering SECCOMP mode>>
Hello, world], got [<<entering SECCOMP mode>>])
Executing t/test06...failed (exit code mismatch, expected 137, got 139)
Executing t/test07...1a2
> 59
failed (output mismatch, expected [<<entering SECCOMP mode>>
59], got [<<entering SECCOMP mode>>])
Executing t/test08...failed (exit code mismatch, expected 0, got 139)
Executing t/test09...1a2
> Hello, C++ world
failed (output mismatch, expected [<<entering SECCOMP mode>>
Hello, C++ world], got [<<entering SECCOMP mode>>])
Executing t/test10...1a2
> Hello from the constructor!
failed (output mismatch, expected [<<entering SECCOMP mode>>
Hello from the constructor!], got [<<entering SECCOMP mode>>])
Executing t/test11...failed (exit code mismatch, expected 137, got 139)
Executing t/test12...1a2,3
> Here we are in main()
> Hello from the destructor!
failed (output mismatch, expected [<<entering SECCOMP mode>>
Here we are in main()
Hello from the destructor!], got [<<entering SECCOMP mode>>])
Executing t/test13...1a2
> Hello from the destructor!
failed (output mismatch, expected [<<entering SECCOMP mode>>
Hello from the destructor!], got [<<entering SECCOMP mode>>])
Executing t/test14...1a2
> 500500
failed (output mismatch, expected [<<entering SECCOMP mode>>
500500], got [<<entering SECCOMP mode>>])
Executing t/test15...1a2
> Radius is 1.128379
failed (output mismatch, expected [<<entering SECCOMP mode>>
Radius is 1.128379], got [<<entering SECCOMP mode>>])
15 test(s) failed
make: *** [Makefile:31: runtests] Error 1

Problem with EasySandbox in CentOS

Does EasySandbox work in CentOS ?
(kernel: 2.6.32-279.14.1.el6.x86_64)

[/judge/tester/easysandbox]# make
gcc -c -fPIC -std=c99 -g -Wall -D_BSD_SOURCE EasySandbox.c
gcc -c -fPIC -std=c99 -g -Wall -D_BSD_SOURCE malloc.c
gcc -shared -o EasySandbox.so EasySandbox.o malloc.o -ldl
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test01 t/test01.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test02 t/test02.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test03 t/test03.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test04 t/test04.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test05 t/test05.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test06 t/test06.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test07 t/test07.c
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test08 t/test08.c
g++ -g -Wall -D_BSD_SOURCE -o t/test09 t/test09.cpp
g++ -g -Wall -D_BSD_SOURCE -o t/test10 t/test10.cpp
g++ -g -Wall -D_BSD_SOURCE -o t/test11 t/test11.cpp
g++ -g -Wall -D_BSD_SOURCE -o t/test12 t/test12.cpp
gcc -std=c99 -g -Wall -D_BSD_SOURCE -o t/test13 t/test13.c
g++ -g -Wall -D_BSD_SOURCE -o t/test14 t/test14.cpp
[/judge/tester/easysandbox]# ./t/test02
Hello, world
[/judge/tester/easysandbox]# echo $?
0
[/judge/tester/easysandbox]# LD_PRELOAD=./EasySandbox.so ./t/test02
<< entering SECCOMP mode >>
<< entering SECCOMP mode >>
[/judge/tester/easysandbox]# echo $?
121
[/judge/tester/easysandbox]#

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.