Sandboxing is a core technique in information security. The Linux world offers many sandbox solutions and many sandboxing primitives, but no single solution dominates, and each has its own set of advantages and disadvantages.
An ideal sandbox solution should be easy to use, security focused, and offer full observability of the sandboxed process. To meet our internal needs, we built a sandbox solution on top of gVisor that lets us run a single process inside a VM-backed sandbox.
In this talk, we cover some background on Linux sandboxes, look at primitives such as ptrace and LD_PRELOAD, and review existing sandbox solutions such as nsjail and firejail. We then introduce gVisor and the technologies behind it, and show how it can be used to build a process-level sandbox. I will describe the design and implementation, including the issues we had to resolve along the way, and walk through examples of applying this sandbox in a variety of security areas.