Controlling process and thread security

synna · 01-25-2004, 05:11 AM

How can I control thread and process (lauchned by my program):
1) read access.
2) write access.
3) execute access.

4) allow write access only in one directory with fixed maximum disk usage.
5) track CPU usage of thread and process.
6) limiting number of thread a plugin can create.
7) Controlling which dynamic library are being loaded.

The question is for Linux, Window$(I don't think it's possible) and Mac OS X.

I need this because i'm writting a software that will have some kind of plugin (executed or threaded) and I want to be sure that they won't damage the system in any way.

This is because, in these case, I can't trust all plugin (or check them all).

Any small response is welcome.

The program will be in C/C++

Thanks in advance !!!!

kev82 · 01-25-2004, 08:42 AM

4) can be achieved by setting the uid/gid permission bits on your program to a user/group that can only write to this particular directory then make sure you are running as this user before you execute the plugins code. the max disk space can be set by quota but ive never used it so dont know.

5) i would start by reading this

synna · 01-25-2004, 03:36 PM

Cool, your link fix problem 5 and 6. Thanks.

Is it possible to check all external stream like in java (something like redirecting all stream so they first pass by my program). Just thought about another way to do it. I know it's possible on java.

The problem with what is explain on the link is that you can control quantity (how many files, how many bits) but not which files.

kev82 · 01-26-2004, 07:01 AM

by synna
Is it possible to check all external stream like in java (something like redirecting all stream so they first pass by my program)

not that i know of.

to be honest i wouldnt bother trying to do this i would just say to the users that you are not responsible for the effects of 3rd party plugins, as far as i know none of the major apps that use plugins try and restrict there plugins in this way, look at the source for apache/gaim/mozilla/etc and see what they do/dont do.

synna · 01-27-2004, 06:28 AM

I found some source about trying to secure thread and execution.

I put them here so if you're interested you can check

Secure programming HOW-TO

and another one

Linux system calls

Hope this can help some.