发表新帖
发表新帖

What is the safest way to run an executable on Linux?

前端 未结
关注
9 1256
星月不相逢
星月不相逢 2020-12-05 20:53

I am trying to run a program compiled from C code from an unknown source. I want to make sure that the program does not harm my system in anyway. Like for instance, the pro

相关标签:
9条回答
  • 梦如初夏
    2020-12-05 21:12

    Check out seccomp. It was designed for this use case.

    0 讨论(0)
  • 渐次进展
    2020-12-05 21:12

    Create an user that has write access only to non-critical directories. Run the program as that user. If you are also interested in privacy, consider also restricting its read rights.

    0 讨论(0)
  • 渐次进展
    2020-12-05 21:15

    You can use something like schroot and chroot the program, but anything of sufficient nastiness will bust out of that.

    You best bet is probably a virtual machine (vmware or virtualbox) and taking a snapshot before compiling and running the program. That way you can roll back if something goes horribly wrong.

    0 讨论(0)
  • 梦毁少年i
    2020-12-05 21:21

    The wikipedia page for chroot may be a good start. It describes chroot and also provides links to a few, more thorough alternatives.

    0 讨论(0)
  • 不知归路
    2020-12-05 21:25

    chroot is one possibility if you want to isolate it from everything else but still have an environment for it to run in.

    http://en.wikipedia.org/wiki/chroot

    https://help.ubuntu.com/community/BasicChroot

    0 讨论(0)
  • 别那么骄傲
    2020-12-05 21:26

    In addition of other answers, using strace or ltrace may help you to understand what the program is doing.

    0 讨论(0)
 看不清?
提交回复
热议问题