Backend.AI is a streamlined, container-based computing cluster platform that hosts popular computing/ML frameworks and diverse programming languages, with pluggable heterogeneous accelerator support including CUDA GPU, ROCm GPU, TPU, IPU and other NPUs.
Sorna's "jail" subproject(1) is a seccomp-based sandbox written in Go. We use it for all kernel containers to prevent malicious user code from executing potentially dangerous system calls, as well as to enforce our customized ACL upon file systems and networks.
(1) This will be moved to a separate repository.
Already implemented:
- Limitation of the maximum allowed number of threads/processes
- seccomp-based system call filter
Half-implemented:
- Path-based file system operation check: reading the path string from syscall arguments works, but there is no detailed policy implementation. This would be practice before getting into the network restriction work.
To do for you:
- Host-based and IP-based network connection restriction. For example, allow only HTTPS/SSH access to GitHub but forbid network connections to everything else.
  - This requires intercepting DNS resolution and the connect() system call, with some inspection of the socket file descriptor.
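One way the host-based connect() decision described in the to-do item could be expressed, as an added example that is not code from the jail project. The `Policy` type and its `ObserveDNS` and `CheckConnect` methods are hypothetical names, the DNS answer and sockaddr bytes are constructed, and the code assumes the raw sockaddr has already been copied out of the traced process on a little-endian Linux host.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net"
)

const afInet, afInet6 = 2, 10 // Linux AF_INET and AF_INET6

// Policy (hypothetical): an IP is reachable only once an intercepted DNS answer binds it to a listed host.
type Policy struct {
	Rules map[string]map[uint16]bool // allowlisted host -> permitted TCP ports
	hosts map[string]string          // resolved IP (text form) -> allowlisted host
}

// ObserveDNS records an answer seen by the resolver hook; answers for unlisted hosts are ignored.
func (p *Policy) ObserveDNS(host string, ip net.IP) {
	if p.hosts == nil {
		p.hosts = map[string]string{}
	}
	if _, ok := p.Rules[host]; ok {
		p.hosts[ip.String()] = host
	}
}

// CheckConnect judges the raw sockaddr taken from the tracee's connect() argument.
// sa_family is in native byte order (little-endian assumed); the port is big-endian.
func (p *Policy) CheckConnect(sa []byte) error {
	var ip net.IP
	switch {
	case len(sa) >= 8 && binary.LittleEndian.Uint16(sa) == afInet:
		ip = net.IP(sa[4:8]) // sockaddr_in.sin_addr
	case len(sa) >= 24 && binary.LittleEndian.Uint16(sa) == afInet6:
		ip = net.IP(sa[8:24]) // sin6_addr; String() folds ::ffff:a.b.c.d to a.b.c.d
	default:
		return fmt.Errorf("address family not allowed or sockaddr truncated")
	}
	port := binary.BigEndian.Uint16(sa[2:4])
	if !p.Rules[p.hosts[ip.String()]][port] {
		return fmt.Errorf("connect to %s port %d denied", ip, port)
	}
	return nil
}

func main() {
	p := &Policy{Rules: map[string]map[uint16]bool{"github.com": {22: true, 443: true}}}
	p.ObserveDNS("github.com", net.ParseIP("192.0.2.10"))                // constructed DNS answer
	fmt.Println(p.CheckConnect([]byte{2, 0, 0x01, 0xbb, 192, 0, 2, 10})) // constructed sockaddr_in, port 443
}
```

Because the allowlist is keyed on addresses learned from DNS answers, a connect() to a literal IP that was never resolved through the hook is denied by default, and IPv4-mapped IPv6 addresses are matched against the same entries as their IPv4 form.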