Issue privileges as a regular non-root user for a sandbox?

Question

Issue privileges as a regular non-root user for a sandbox?

Can I use a set of C libraries or system calls to reset all user privileges on POSIX, or at least Linux? Please note that I am not asking how to refuse privileges root, and that, apparently, all other StackOverflow search results are asking and responding.

I need the same effect as when switching to a user nobody, but stronger if possible. That is, I want my C application to do the following:

Run as a normal user, and not rootwithout the setuid file permission bit
Keep the ability to access certain files and open outgoing network connections.
Freely and constantly lose their ability to read and write files in the specified (or all) directories, especially $HOME
If possible, give up all other non-essential abilities, for example, open the listening socket with accept

Things I have reviewed so far that do not match the score:

Switch to user nobodyusing setuid/setgid
- Ordinary users are not allowed to switch to other users (for example, nobody), and the application does not rootjust need to switch to nobody.
Linux / POSIX.1e features
- Features only add root-like privileges, and do not remove the usual user privileges.
Traditional seccomp
- My application will require more than just a exit, sigreturn, readandwrite

, , , :

, , , root?

+4

c security linux sandbox privileges

nitrogen 12 . '15 22:28

1

viraptor · Accepted Answer · 2015-07-12T22:46:41+0000

- POSIX, POSIX , .

Linux, , . apparmor, selinux, RBAC , , - - . , , root ( ).

, , - seccomp. ( ), : , , " ", , , . recv(), open() send(). Thread, , open() .

, , , seccomp, open() ( ).

- , , - , , , Linux. , qmail , (). Linux seccomp , Solaris exec , ... , , , - .

Issue privileges as a regular non-root user for a sandbox?

More articles: