tassopsaltakis / FilOS

The Friendly Python OS
https://github.com/tassopsaltakis/FilOS/

The change directory command can exit outside root #23

Open Rijndael1998 opened 10 months ago

Rijndael1998 commented 10 months ago

cd can exit outside of root.

tassopsaltakis commented 10 months ago

This was prevented before; we must add the piece to the CD command that restricts anything past the root directory. However, before we complete this, we should build out #7 and finish the group-based policy system, as it does affect all of the file management.

Once user access is finished, and this is finished, I think we can push 0.03
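One way to add the missing restriction to the cd command, as an added example rather than FilOS's own code: the shell tracks the working directory as a sandbox path (where "/" is the sandbox root) and only maps it onto the host after normalising it, so ".." can never climb above the root. The resolved host path is then checked against the root with realpath() and commonpath(), which also refuses a symlink inside the root that points outside it. The names VirtualShell and ChangeDirectoryError and the temporary directory layout are assumptions made for the example.

```python
"""Confined `cd` for a virtual filesystem rooted at a host directory.

Added example, not FilOS code. VirtualShell and ChangeDirectoryError are
hypothetical names. The working directory is kept as a sandbox path ('/' is
the sandbox root) and mapped onto the host only after normalisation, so '..'
cannot climb above '/'; realpath() is then compared against the root so a
symlink pointing outside the root is refused as well.
"""
import os
import posixpath
import tempfile


class ChangeDirectoryError(Exception):
    """Raised when a cd target escapes the root or is not a directory."""


class VirtualShell:
    def __init__(self, root: str):
        # Resolve the root once (follows symlinks) so later comparisons are stable.
        self.root = os.path.realpath(root)
        self.vcwd = "/"  # working directory as seen from inside the sandbox

    def resolve(self, target: str) -> tuple:
        """Return (sandbox_path, host_path) for a user-supplied target."""
        joined = target if target.startswith("/") else posixpath.join(self.vcwd, target)
        # normpath collapses '.', '..' and repeated slashes; on an absolute path
        # any '..' that would go above '/' is dropped, so '/..' becomes '/'.
        sandbox_path = posixpath.normpath(joined)
        host_path = os.path.realpath(os.path.join(self.root, sandbox_path.lstrip("/")))
        # commonpath rejects sibling prefixes ('/srv/root2' vs '/srv/root') that a
        # plain startswith() check would let through.
        if os.path.commonpath([self.root, host_path]) != self.root:
            raise ChangeDirectoryError(f"{target}: resolves outside the root")
        return sandbox_path, host_path

    def cd(self, target: str) -> str:
        """Change directory; returns the new sandbox-relative working directory."""
        sandbox_path, host_path = self.resolve(target)
        if not os.path.isdir(host_path):
            raise ChangeDirectoryError(f"{target}: no such directory")
        self.vcwd = sandbox_path
        return self.vcwd


def demo() -> dict:
    """Run the confined cd against a constructed temporary root."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "home", "user"))
        os.makedirs(os.path.join(root, "etc"))
        sh = VirtualShell(root)
        results["relative"] = sh.cd("home/user")                # '/home/user'
        results["absolute"] = sh.cd("/etc")                     # '/etc'
        results["climb"] = sh.cd("../../../..")                 # clamped at '/'
        results["dotdot_root"] = sh.cd("/home/../etc/../..")    # '/'
        try:
            sh.cd("/nonexistent")
            results["missing"] = "allowed"
        except ChangeDirectoryError:
            results["missing"] = "rejected"
        # Constructed symlink inside the root that points at the host parent dir.
        link = os.path.join(root, "escape")
        try:
            os.symlink(os.path.dirname(root), link)
        except (OSError, NotImplementedError):
            results["symlink"] = "unsupported"
        else:
            try:
                sh.cd("/escape")
                results["symlink"] = "allowed"
            except ChangeDirectoryError:
                results["symlink"] = "rejected"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The same resolve() step can back every other file command (ls, cat, rm), since the escape problem is not specific to cd; whatever touches the host filesystem should go through one confinement check rather than each command re-implementing it.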

Rijndael1998 commented 10 months ago

I'm thinking of something more like this (from ChatGPT):

If you want to run a Python script within a restricted environment without doing a full chroot, which involves copying files and setting up a separate environment, you might consider using certain tools and techniques designed to limit file system access. One approach is to use containerization (like Docker), but for a lightweight alternative, you can use chroot-like features without the overhead.

One such tool is firejail, which can sandbox processes, limiting their access to the file system. It's much easier to use than setting up a full chroot environment.

Here is the very basic usage of firejail to achieve a restricted environment for your Python script:

firejail --private=<path_to_your_directory> python <path_to_your_script>

The --private option creates a private view of the directory specified, and the process will not be allowed to see or touch anything outside of it.

Another option, especially if you are running on a system with SELinux enabled, is to create a restricted domain for your process with specific SELinux policies.

Yet another method could be using Linux namespaces directly with tools like unshare, which is part of the util-linux package:

unshare --mount --fork --pid -- chroot --userspec=<user>:<group> <newroot> /path/to/your/script

Advanced usage of unshare involves setting up mount points and perhaps even overlay filesystems to provide the necessary files to the new environment without physical copying. However, unshare requires a deep understanding of Linux namespaces and often root privileges for various operations.

Please ensure you research and understand how these tools and techniques work before using them, as improper usage might cause unexpected behavior or security concerns. These approaches often require additional setup and may have limitations depending on what your script needs to do. Always test in a safe environment first.

tassopsaltakis commented 10 months ago

I really like that!