[DSE-User] SELinux sandbox policy
Frank Licea
francisco.licea at gmail.com
Sat Jul 10 20:46:32 UTC 2010
Hello all,
I'm writing a web app that requires executing untrusted C code that is
uploaded by users. This is my first time using SELinux and I've successfully
have it running in permissive mode on my application server running on
Debain 5 but I am unsure of how to proceed from here.
I want to execute the untrusted C code within the SELinux sandbox policy.
Here is what I'm talking about:
http://danwalsh.livejournal.com/28545.html
The article explains that the policy and utils are available in the Fedora
package: selinux-policy-3.6.12-41.fc11 and policycoreutils-2.0.62-12.6.fc11
Does Debian have an equivalent that I can download and use? I have the
policycoreutils package installed but I don't have /usr/bin/sandbox.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/selinux-user/attachments/20100710/ffbcc3de/attachment.htm>
More information about the Selinux-user
mailing list