Isolate is the program to do it. It has quite a nice introduction on it's website but unfortunately has to be downloaded in source and compiled yourself. It can help running a media player or your browser more safely.
You can download it with subversion via:
svn checkout http://isolate.googlecode.com/svn/trunk/ isolate-read-only
You need to install at least the libelf headers to compile it, e.g. sudo aptitude install libelf-dev in Debian based systems like Ubuntu. There is absolutely no documentation inside the tree except a GPL 2.0 license.
Thanks to LWN. See the comments there for more suggestions about isolation technologies like Rainbow.
Running Untrusted Programs in a Sandbox in Linux
0 comments:
Post a Comment