How easy is it for a developer to "sandbox" a program?
Sandboxing is when a developer limits the system resources available to a program from within its own source code. A classic example is calling chroot(2) to change the root file-system to an empty directory so that the program cannot scribble into the root file-system.
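The chroot(2) pattern described above, as an added example that is not code from the original article or from any of the projects it surveys. It pairs the chroot with a privilege drop, because a process that keeps root can leave a chroot; the function name, the step codes, the /var/empty path and the uid/gid 65534 are assumptions of this example.

```c
#define _DEFAULT_SOURCE 1   /* glibc: expose chroot(2) and setgroups(2) */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Step codes returned on failure (names are this example's own). */
enum { SB_OK = 0, SB_EARGS = -1, SB_ECHDIR = -2, SB_ECHROOT = -3,
       SB_EGROUPS = -4, SB_EGID = -5, SB_EUID = -6, SB_ESTILLROOT = -7 };

/* Confine the calling process to empty_dir, then drop to uid/gid. */
int enter_chroot_sandbox(const char *empty_dir, uid_t uid, gid_t gid)
{
    /* Root can break out of a chroot, so refuse to keep uid/gid 0. */
    if (empty_dir == NULL || uid == 0 || gid == 0)
        return SB_EARGS;
    /* Enter the directory first so the cwd never points outside the jail. */
    if (chdir(empty_dir) != 0)
        return SB_ECHDIR;
    if (chroot(".") != 0)           /* requires root privileges */
        return SB_ECHROOT;
    if (chdir("/") != 0)
        return SB_ECHDIR;
    /* Drop privileges in order: supplementary groups, gid, then uid. */
    if (setgroups(1, &gid) != 0)
        return SB_EGROUPS;
    if (setgid(gid) != 0)
        return SB_EGID;
    if (setuid(uid) != 0)
        return SB_EUID;
    /* Confirm the drop cannot be undone. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid)
        return SB_ESTILLROOT;
    return SB_OK;
}

int main(int argc, char **argv)
{
    /* Assumed defaults: an empty directory and an unprivileged account. */
    const char *dir = argc > 1 ? argv[1] : "/var/empty";
    int rc = enter_chroot_sandbox(dir, 65534, 65534);
    if (rc != SB_OK) {
        fprintf(stderr, "sandbox setup failed at step %d\n", rc);
        return 1;
    }
    puts("sandboxed: root file-system is now the empty directory");
    return 0;
}
```

The program must start as root for chroot(2) to succeed; any open file descriptors that refer to directories outside the jail should be closed before calling the function.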
We'll cover the main open source operating systems with sandbox tools: Linux, OpenBSD, and FreeBSD (including DragonFlyBSD). For in-house systems, I mined the FreeBSD and OpenBSD git repositories (specifically usr.bin and usr.sbin) for sandbox invocations, then looked up the earliest entry for a contributor. For a scientific treatment of the subject, read "Sandboxing Adoption in Open Source Ecosystems", Maysara Alhindi and Joseph Hallett, SESoS 2024.