Any plans to use seccomp to limit the range of system calls that can be issued by the workloads?
http://lwn.net/Articles/494252/
http://sourceforge.net/projects/libseccomp/

And if we use cgroups (specifically, the memory cgroup controller), then we can limit the RSS - i.e. workloads can have a large virtual size but very little real memory usage.

http://www.kernel.org/doc/Documentation/cgroups/memory.txt

Rayson

================================
Open Grid Scheduler / Grid Engine
http://gridscheduler.sourceforge.net/

Scalable Grid Engine Support Program
http://www.scalablelogic.com/

On Thu, Feb 23, 2012 at 11:21 AM, Rom Walton <[email protected]> wrote:
> While that part is true, it would be true of any batch execution system
> running code from a foreign source. Closest analog would be installing a new
> daemon in Linux from a distro software repo.
>
> Privilege elevation bugs are just a nasty beast all the way around.
>
> ----- Rom
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Rayson Ho
> Sent: Thursday, February 23, 2012 11:10 AM
> To: [email protected]
> Subject: Re: [boinc_dev] BOINC Sandbox
>
> Thanks Derrick & Rom for the replies.
>
> (And I know that there is code signing too - but if the code downloaded to
> the clients from the known source is malicious, looks like it is quite hard
> for BOINC to block those attacks...)
>
> Rayson
>
> On Thu, Feb 23, 2012 at 11:03 AM, Rom Walton <[email protected]> wrote:
>> The BOINC Client roughly follows the same model as on *nix when
>> installed with the protected application execution mode. Use of GPUs
>> prevents us from making it the default install type.
>>
>> See: http://boinc.berkeley.edu/trac/wiki/ClientSetupLogicWinSix
>>
>> ----- Rom
>>
>> -----Original Message-----
>> From: [email protected]
>> [mailto:[email protected]] On Behalf Of Rayson Ho
>> Sent: Thursday, February 23, 2012 10:44 AM
>> To: [email protected]
>> Subject: [boinc_dev] BOINC Sandbox
>>
>> I googled trying to look for information related to security
>> sandboxing, and I found this page:
>>
>> http://boinc.berkeley.edu/sandbox.php
>>
>> However, on Windows *if* the code downloaded to the clients has code
>> that performs malicious attacks, is there a sandbox that blocks those
>> attacks?
>>
>> Rayson
>> _______________________________________________
>> boinc_dev mailing list
>> [email protected]
>> http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
>> To unsubscribe, visit the above URL and (near bottom of page) enter
>> your email address.
>
> --
> ==================================================
> Open Grid Scheduler - The Official Open Source Grid Engine
> http://gridscheduler.sourceforge.net/
