Hi all,
I am looking to run a process on my machine that I do not fully trust.
I would like to avoid the penalty cost of spinning a VM to run it, and would like instead to sandbox it.
As far as I know, `pledge` is nice for creating a sandbox, but it's coarse-grained: it either allows access to all IPs, or it allows no access at all.
I need to give this untrusted app network access, but to avoid it being spyware or a trojan horse, I'd like to restrict its network connections to a specific list of IPs.
The idea I have for now is to create a user dedicated to it, and add an anchor in pf that filters for that user, and only allows that user to speak to that list of IPs.
Is that a reasonable approach? Is there a better way to do that?
Thanks!
Jake
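One way to express the pf side of that approach, added here as an illustration and not part of Jake's post. It assumes the process runs as an unprivileged dedicated user named `_untrusted`, that the anchor is called `untrusted`, and the destination addresses are constructed placeholders.

```pf
# /etc/pf.conf: hand the sandbox user's traffic to a dedicated anchor so
# the allow-list can be reloaded without touching the main ruleset
anchor "untrusted"
load anchor "untrusted" from "/etc/pf.anchors/untrusted"

# /etc/pf.anchors/untrusted
# (reload alone with: pfctl -a untrusted -f /etc/pf.anchors/untrusted)

# Destinations the untrusted process may reach (constructed example addresses).
# Add the DNS resolver here as well, or name lookups from the process will fail.
table <untrusted_allow> { 192.0.2.10, 198.51.100.20 }

# "user" matches the uid that owns the local socket, so these rules only
# constrain connections the sandboxed process itself originates.
# Both rules are "quick", so the first match wins: allow-list first.
pass out quick proto { tcp udp } to <untrusted_allow> user _untrusted

# Everything else that user sends is dropped and logged to pflog0 for review
# (tcpdump -n -e -ttt -i pflog0 shows what the process tried to reach).
block out log quick user _untrusted
```

Because matching is by socket owner, the restriction only holds while the process cannot change its uid; a process running as root could simply switch users and fall outside the anchor.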