Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the safest way to run an executable on Linux?

I am trying to run a program compiled from C code from an unknown source. I want to make sure that the program does not harm my system in anyway. Like for instance, the program might have soemthing like system("rm -rf /") in the source, which is un-detectable, unless the code is thoroughly examined.

I thought of the following 2 ways

  1. Run it inside a VM like VMWare
  2. Build a windows exe on linux and run on wine

Both are not very elegant solutions and I cannot automate them. and also, in case of 1, it can harm the VM.

Any help would be appreciated.

I want to run the program in what we can call a "sandbox".

like image 931
arbithero Avatar asked Oct 04 '10 22:10

arbithero


1 Answers

Check out seccomp. It was designed for this use case.

like image 75
florin Avatar answered Nov 15 '22 20:11

florin