Sandboxing in Linux with Zero Lines of Code

Wednesday, 11 October, 2023 - 14:4515:25

Ignat Korchagin, Cloudflare


Linux seccomp is a simple, powerful tool to sandbox running processes and can significantly decrease damage in case the application code gets exploited. It provides fine-grained controls for the process to declare what it can and can’t do and in most cases has little performance overhead.

But to utilise this framework developers have to explicitly add sandboxing code to their projects and developers usually either delay this or omit completely. Moreover, the seccomp security model is based around system calls, but many developers, writing their code in high-level programming languages and frameworks, either have little knowledge or no experience with syscalls or just don’t have easy-to-use seccomp abstractions for their frameworks.

All this makes seccomp not widely adopted—but what if there was a way to easily sandbox any application in any programming language without writing a single line of code? This presentation discusses potential approaches with their pros and cons.

Ignat Korchagin, Cloudflare

Ignat is a systems engineer at Cloudflare working mostly on Linux, platforms and hardware security. Ignat’s interests are cryptography, hacking, and low-level programming. Before Cloudflare, Ignat worked as a senior security engineer for Samsung Electronics’ Mobile Communications Division. His solutions may be found in many older Samsung smart phones and tablets. Ignat started his career as a security researcher in the Ukrainian government’s communications services.

@conference {292097,
author = {Ignat Korchagin},
title = {Sandboxing in Linux with Zero Lines of Code},
year = {2023},
address = {Dublin},
publisher = {USENIX Association},
month = oct