I am trying to run a program compiled from C code from an unknown source. I want to make sure that the program does not harm my system in any way. For instance, the program might have something like system("rm -rf /") in the source, which is undetectable unless the code is thoroughly examined.
I thought of the following 2 ways:
- Run it inside a VM like VMWare
- Build a windows exe on linux and run on wine
Neither is a very elegant solution, and I cannot automate them. Also, in the case of 1, it can harm the VM.
Any help would be appreciated.
I want to run the program in what we can call a "sandbox".
Geordi uses a combination of chroot and interception of syscalls to compile and then sandbox arbitrary code.
Check out seccomp. It was designed for this use case.
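As an added illustration of the seccomp suggestion (not code from any poster on this page): the child process below enters seccomp strict mode, in which the kernel permits only read, write, _exit and sigreturn, and the parent reports whether the child exited or was killed. The function names, the return-code convention and the /etc/passwd probe are constructed for the example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

enum { SANDBOX_UNAVAILABLE = -1, KILLED_BASE = 1000, SETUP_FAILED = 125 };

/* Constructed stand-ins for untrusted code (hypothetical names). */
static int well_behaved(void) {
    ssize_t n = write(STDOUT_FILENO, "ok\n", 3);  /* write(2) is allowed */
    (void)n;
    return 0;
}
static int opens_file(void) {
    return open("/etc/passwd", O_RDONLY) >= 0 ? 0 : 1;  /* not allowed */
}

/* Run fn in a child under seccomp strict mode. Returns fn's exit code,
 * KILLED_BASE + signal number if the kernel killed the child, or
 * SANDBOX_UNAVAILABLE if strict mode could not be enabled here. */
static int run_strict(int (*fn)(void)) {
    pid_t pid = fork();
    if (pid < 0) return SANDBOX_UNAVAILABLE;
    if (pid == 0) {
        if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) != 0)
            _exit(SETUP_FAILED);
        int rc = fn();
        /* glibc's _exit() issues exit_group, which strict mode forbids;
         * call the plain exit syscall directly instead. */
        syscall(SYS_exit, rc);
    }
    int status;
    if (waitpid(pid, &status, 0) != pid) return SANDBOX_UNAVAILABLE;
    if (WIFSIGNALED(status)) return KILLED_BASE + WTERMSIG(status);
    int code = WEXITSTATUS(status);
    return code == SETUP_FAILED ? SANDBOX_UNAVAILABLE : code;
}

int main(void) {
    printf("well_behaved -> %d\n", run_strict(well_behaved));
    printf("opens_file   -> %d\n", run_strict(opens_file));
    return 0;
}
```

Strict mode is too narrow for most real programs (no memory mapping, no file opens), which is why seccomp's filter mode with a syscall allow-list is the usual choice for sandboxing a whole binary.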
I wrote an overview of sandboxing methods on Linux (archived) here. You are best off using Linux containers (lxc) or selinux, in my view. You could use a virtualisation solution and automate it, but it is a lot more effort.
lxc will isolate your processes, filesystem and network, and you can set resource limits on the container. There are still risks of a kernel attack, but they are much reduced.
You can use something like schroot and chroot the program, but anything of sufficient nastiness will bust out of that.
Your best bet is probably a virtual machine (vmware or virtualbox) and taking a snapshot before compiling and running the program. That way you can roll back if something goes horribly wrong.
Create a user that has write access only to non-critical directories. Run the program as that user. If you are also interested in privacy, consider also restricting its read rights.
The Wikipedia page for chroot may be a good start. It describes chroot and also provides links to a few, more thorough alternatives.
chroot is one possibility if you want to isolate it from everything else but still have an environment for it to run in.
http://en.wikipedia.org/wiki/chroot
https://help.ubuntu.com/community/BasicChroot
Run it on a non-networked computer that you will re-image once it's done. There is no safe way to run it on a machine and continue to trust that machine afterwards.
In addition to the other answers, using strace or ltrace may help you to understand what the program is doing.