CapExec: Towards Transparently-Sandboxed Services (Extended Version)
Mahya Soleimani Jadidi (1), Mariusz Zaborski (2), Brian Kidney (1), Jonathan Anderson (1) ((1) Memorial University of Newfoundland, (2) Fudo Security Inc.)

TL;DR
CapExec introduces a novel process supervisor that enables transparent sandboxing of network services via service declarations, leveraging Capsicum for robust security without application modifications.
Contribution
The paper presents CapExec, a service manager-based sandboxing approach that confines network services using Capsicum, avoiding invasive code changes and enabling widespread deployment.
Findings
Provides robust sandboxing without application modifications
Utilizes Capsicum framework for compartmentalization
Facilitates sandboxing at the service manager level
Abstract
Network services are among the riskiest programs executed by production systems. Such services execute large quantities of complex code and process data from arbitrary and untrusted network sources, often with high levels of system privilege. It is desirable to confine system services to a least-privileged environment so that the potential damage from a malicious attacker can be limited, but existing mechanisms for sandboxing services require invasive and system-specific code changes and are insufficient to confine broad classes of network services. Rather than sandboxing one service at a time, we propose that the best place to add sandboxing to network services is in the service manager that starts those services. As a first step towards this vision, we propose CapExec, a process supervisor that can execute a single service within a sandbox based on a service declaration file in…
Taxonomy
Topics: Peer-to-Peer Network Technologies · Multimedia Communication and Technology
