Software Sandboxing: The Basics(blog.emilua.org) |
Software Sandboxing: The Basics(blog.emilua.org) |
I've tried my best to make the text hopefully useful to programmers from any language so the few Lua samples in the article are only there to illustrate the concepts. Some of the topics found in the article:
* UNIX basics focusing on Linux and FreeBSD. * General sandboxing concepts and how to apply them in Linux and FreeBSD. * The actor model and capability-based security (and how to combine them). * Oblivious sandboxing to run/reuse unmodified code within sandboxes. * Threat models. * Seccomp, Landlock, Capsicum, ... * A few guidelines for the C programmer.