Ah yes. What a fun question :)

First off, let me say that I realize there is going to be some risk no matter what I possibly do. So please don't reply to say "don't do it" unless you have some specific reason that you want to point out and thats "deal breaker", as it were.

Anyways, disclaimer out of the way, here is the gist of the idea. I have a "server process" , that receives untrusted perl code I want to run. This perl code should only affect stuff in the server process, so it should only need to print to a special file handle. Heres my steps:
  1. The server process forks, passing a copy of the untrusted perl code to the child.
  2. The child sets some really strict RLIMITs, such as RLIMIT_CPU to say, 2 or 3, RLIMIT_NPROC, to 2 or 3, and RLIMIT_VMEM to a suitabliy low amount, along with what ever other rlimits seem needful
  3. The child chroots and chdirs to an empty, unimportant folder someplace
  4. The child changes it's user id to a user with basically no permissions, anywhere
  5. The child creates a Safe compartment, and disallows everything dealing with the system, such as system, open, chdir, etc.
  6. The untrusted perl code is then reval'd inside the safe compartment.


Anyone see any major holes I'm missing? As far as I can tell, the rlimits and chroot should catch basically everything, since the untrusted code won't be run as root or have any way of getting root, it won't be able to break the chroot or modify the rlimits.

In reply to Running untrusted perl code by BUU

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.