As many of you know, I’ve written sydbox, the default sandbox of the Exherbo Linux distribution. For a long time I’ve been meaning to move the platform-dependent parts of sydbox to a library, so that others can make use of it.
- Wrappers around different ptrace requests.
- An API for decoding arguments (strings, socket addresses, …).
- An experimental API for encoding arguments.
So what’s next? I’ll write another library, which will probably be called libsydbox, which builds on top of pinktrace and GLib. This will be a sandboxing library which can be used to sandbox untrusted applications. I’ll also write Python bindings for it, which will hopefully replace catbox of the Pardus Linux distribution. Here’s what it will look like:

                   Sydbox   (A simple
                      ^      application using libsydbox)
                      |
                      |-------> pysydbox (Python bindings for libsydbox
                      |                   which aims to replace catbox)
                      |
                  libsydbox (Implements
                      ^      sandboxing
                      |      as a library)
                      |
        -----------------------------
        ^                           ^
        |                           |
        |                           |
    pinktrace                      GLib
    (Implements                 (Implements
    cross-platform              the required data structures;
    tracing functions)          like hashtables, linked lists etc.)

Let’s see what the next days bring :-)