Project 8: Escaping the sandbox


Tutor: Guillaume Didier guillaume.didier AT irisa.fr

This project is based on a project proposed by Guillaume Hiet and Ronny Chevalier for the predecessor of this course.

Context

A sandbox allows executing programs in a restricted environment, with limited access to the rest of the system, in order to reduce the risk if the program is compromised. This usually involves running the program with the smallest set of permissions required for it to work. (One does not give a PDF reader network access when it runs in a sandbox.)

There are two main use cases:

Aim

In this project you will discover the concept of a sandbox by reading two research articles describing system call validation, an important feature of sandboxes. Different solutions exist for this problem, with different trade-offs. Then you will try to escape a fake filtering system and discuss possible improvements.
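The kind of system call validation the papers describe can be tried out concretely with a Linux seccomp-BPF allow-list. The C program below is an example added to this page; it is not part of the provided archive or of challenge.c, and it assumes a Linux host on x86_64 or aarch64 with the kernel headers installed. It builds a filter that allows only a short list of syscall numbers and kills the process on anything else, evaluates the filter in user space so it can be checked before it is installed, and then installs it on the running process:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Audit architecture of the build host (assumption: x86_64 or aarch64). */
#if defined(__x86_64__)
#define CURRENT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define CURRENT_ARCH AUDIT_ARCH_AARCH64
#else
#error "this example only covers x86_64 and aarch64"
#endif
#ifndef SECCOMP_RET_KILL_PROCESS          /* older headers only have KILL */
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif
#define MAX_INSNS 64
/* BPF_STMT/BPF_JUMP expand to brace initialisers; wrap them as compound literals. */
#define STMT(code, k) ((struct sock_filter)BPF_STMT(code, k))
#define JUMP(code, k, jt, jf) ((struct sock_filter)BPF_JUMP(code, k, jt, jf))

/* Build an allow-list: kill on a foreign ABI (syscall numbers differ there),
 * allow the listed syscall numbers, kill everything else. Layout is 6 fixed
 * instructions plus one JEQ per allowed syscall. Returns the instruction
 * count, or 0 if the output buffer is too small. */
size_t build_allowlist_filter(const int *allowed, size_t n,
                              struct sock_filter *out, size_t cap)
{
    if (6 + n > cap)
        return 0;
    size_t i = 0;
    out[i++] = STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[i++] = JUMP(BPF_JMP | BPF_JEQ | BPF_K, CURRENT_ARCH, 1, 0);
    out[i++] = STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    out[i++] = STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t j = 0; j < n; j++)   /* jt skips the remaining JEQs and the KILL */
        out[i++] = JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)allowed[j], (uint8_t)(n - j), 0);
    out[i++] = STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    out[i++] = STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    return i;
}

/* Tiny interpreter for the three instruction kinds the builder emits, so the
 * filter can be tested without installing it. Returns the SECCOMP_RET_* value
 * the filter produces, or 0xFFFFFFFF if the program is malformed. */
uint32_t evaluate_filter(const struct sock_filter *prog, size_t len,
                         const struct seccomp_data *data)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        const struct sock_filter *insn = &prog[pc];
        switch (insn->code) {
        case BPF_LD | BPF_W | BPF_ABS: {       /* acc = 32-bit word at data+k */
            uint32_t v;
            if (insn->k + sizeof v > sizeof *data)
                return 0xFFFFFFFFu;
            memcpy(&v, (const char *)data + insn->k, sizeof v);
            acc = v;
            break;
        }
        case BPF_JMP | BPF_JEQ | BPF_K:        /* relative jump past the next insn */
            pc += (acc == insn->k) ? insn->jt : insn->jf;
            break;
        case BPF_RET | BPF_K:
            return insn->k;
        default:
            return 0xFFFFFFFFu;
        }
    }
    return 0xFFFFFFFFu;                        /* fell off the end */
}

/* Does the filter allow syscall number `nr` on the current architecture? */
int filter_allows(const struct sock_filter *prog, size_t len, int nr)
{
    struct seccomp_data d;
    memset(&d, 0, sizeof d);
    d.nr = nr;
    d.arch = CURRENT_ARCH;
    return evaluate_filter(prog, len, &d) == SECCOMP_RET_ALLOW;
}

/* Install the filter on the calling thread. NO_NEW_PRIVS is required for
 * unprivileged callers and stops setuid children from running under a filter
 * they did not choose. Returns 0 on success, -1 on failure. */
int install_filter(struct sock_filter *prog, size_t len)
{
    struct sock_fprog fprog = { .len = (unsigned short)len, .filter = prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog) == 0 ? 0 : -1;
}

int main(void)
{
    /* Smallest set for a program that only writes to stdout and exits. */
    const int allowed[] = { SYS_write, SYS_exit_group, SYS_exit, SYS_rt_sigreturn };
    struct sock_filter prog[MAX_INSNS];
    size_t len = build_allowlist_filter(allowed, 4, prog, MAX_INSNS);
    if (len == 0 || install_filter(prog, len) != 0)
        return 1;
    write(1, "write() is allowed\n", 19);
    getpid();   /* not on the list: the kernel kills the process with SIGSYS here */
    write(1, "unreachable\n", 12);
    return 0;
}
```

Build it with `gcc -Wall -o seccomp_demo seccomp_demo.c` and run it; the first message appears, then the process dies with SIGSYS on the first unlisted syscall. Two points worth keeping in mind when comparing this with the sandbox in the archive: the filter only sees the raw register values in `struct seccomp_data`, never the memory they point to, so it cannot validate a pathname passed to open(); that is exactly what keeps it free of the time-of-check/time-of-use problem of copying arguments into a user-space monitor, at the price of expressiveness. And an allow-list this strict breaks as soon as libc needs another syscall (printf alone may need fstat or brk), so in practice the list is derived from what the program actually does rather than written from memory.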

Logistics

We will provide an archive including the source code of the project. The file challenge.c is what you will have to write your escapes in.

Use make run to test your escapes

We expect a report describing how you set up each of your attacks, in addition to your challenge.c file. You should also include your suggestion on how to improve the sandbox (with an implementation if possible), and potential attacks on it.

Progression

Run make run

Open and read challenge.c

Don't forget to read the papers, they are helpful.

Try each challenge in order

We're bored

Finished everything early or want to do more? Keep improving and breaking your sandbox, or reach out to us; we'll find some more sandbox issues for you.

Bibliography