search

google / nsjail

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
https://nsjail.dev
Apache License 2.0
2.99k stars 275 forks source link

Don't know how to start #176

Open rayzchen opened 3 years ago

rayzchen commented 3 years ago

I would like to use nsjail to run a python script with limited permissions, e.g this script:

open("../a.txt", "w+")

I don't want the script to be able to create a file in the parent directory, so I only want to limit their scope of access to the current working directory and/or /tmp. This was my approach:

# ./nsjail -Mo --user 0 --group 99999 -R /bin/ -R /lib -R /lib64/ -R /usr/ -R /sbin/ -T /dev -R /tmp -R . --keep_caps -- python test.py
[I][2021-07-19T20:13:00+0100] Mode: STANDALONE_ONCE
[I][2021-07-19T20:13:00+0100] Jail parameters: hostname:'NSJAIL', chroot:'', process:'python', bind:[::]:0, max_conns_per_ip:0, time_limit:0, personality:0, daemonize:false, clone_newnet:true, clone_newuser:true, clone_newns:true, clone_newpid:true, clone_newipc:true, clone_newuts:true, clone_newcgroup:true, keep_caps:true, disable_no_new_privs:false, max_cpus:0
[I][2021-07-19T20:13:00+0100] Mount: '/' flags:MS_RDONLY type:'tmpfs' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/bin/' -> '/bin/' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/lib' -> '/lib' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/lib64/' -> '/lib64/' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:false
[I][2021-07-19T20:13:00+0100] Mount: '/usr/' -> '/usr/' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/sbin/' -> '/sbin/' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/dev' flags: type:'tmpfs' options:'size=4194304' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/tmp' -> '/tmp' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '.' -> '.' flags:MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE type:'' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Mount: '/proc' flags:MS_RDONLY type:'proc' options:'' dir:true
[I][2021-07-19T20:13:00+0100] Uid map: inside_uid:0 outside_uid:0 count:1 newuidmap:false
[W][2021-07-19T20:13:00+0100][5543] void cmdline::logParams(nsjconf_t*)():252 Process will be UID/EUID=0 in the global user namespace, and will have user root-level access to files
[I][2021-07-19T20:13:00+0100] Gid map: inside_gid:99999 outside_gid:0 count:1 newgidmap:false
[W][2021-07-19T20:13:00+0100][5543] void cmdline::logParams(nsjconf_t*)():262 Process will be GID/EGID=0 in the global user namespace, and will have group root-level access to files
[E][2021-07-19T20:13:00+0100][5543] bool subproc::runChild(nsjconf_t*, int, int, int)():455 nsjail tried to use the CLONE_NEWCGROUP clone flag, which is supported under kernel versions >= 4.6 only. Try disabling this flag: Invalid argument
[E][2021-07-19T20:13:00+0100][5543] bool subproc::runChild(nsjconf_t*, int, int, int)():460 clone(flags=CLONE_NEWNS|CLONE_NEWCGROUP|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWNET|SIGCHLD) failed. You probably need root privileges if your system doesn't support CLONE_NEWUSER. Alternatively, you might want to recompile your kernel with support for namespaces or check the current value of the kernel.unprivileged_userns_clone sysctl: Invalid argument
[E][2021-07-19T20:13:00+0100][5543] int nsjail::standaloneMode(nsjconf_t*)():146 Couldn't launch the child process

I am running as root. What am I doing wrong? Is this even the right way to do it? I built nsjail by source using make.

happyCoder92 commented 3 years ago

If you're running as root you can try using --disable_clone_newuser. Or yet better as the warning message suggest compile in/enable unprivileged user namespace and run as non-root.

disconnect3d commented 2 years ago

[E][2021-07-19T20:13:00+0100][5543] bool subproc::runChild(nsjconf_t*, int, int, int)():455 nsjail tried to use the CLONE_NEWCGROUP clone flag, which is supported under kernel versions >= 4.6 only. Try disabling this flag: Invalid argument

Are u running on kernel <4.6? IF so, try passing --disable_clone_newcgroup flag.

Also, why --user 0? You probably shouldn't use the real root user within the jail.

disconnect3d commented 2 years ago

If u want an example where we sandboxed a Python app for a CTF challenge, exposed on a port, see https://github.com/justcatthefish/justctf-2020/blob/master/challenges/pwn_mylittlepwny/private/private/nsjail.cfg and the upper dir etc.