chroot for unsecure programs execution
Posted
by attwad
on Super User
See other posts from Super User
or by attwad
Published on 2010-05-13T08:03:43Z
Indexed on
2010/05/13
8:14 UTC
Read the original article
Hit count: 239
Hi,
I have never set-up a chroot-jailed environment before and I am afraid I need some help to do it well.
To explain shortly what this is all about: I have a webserver to which users send python scripts to process various files that are stored on the server (the system is for Research purpose). Everyday a cron job starts the execution of the uploaded scripts via a command of this kind:
/usr/bin/python script_file.py
All of this is really insecure and I would like to create a jail in which I would copy the necessary files (uploaded scripts, files to process, python binary and dependencies).
I already looked at various utilities to create jails but none of them seemed up-to-date or were lacking solid documentation (ie. the links proposed in How can I run an untrusted python script)
Could anyone guide me to a viable solution to my problem? like a working example of a script that creates a jail, put some files in it and executes a python script?
Thank you very much.
© Super User or respective owner