Hello! Let’s say I have an executable file, but I’m unsure of the source, and may contain bugs/errors/malwares/bad things that can mess up my machine. I want to execute it anyway, but I want to make sure that it does not mess things up. Is it possible to create a “sandbox” folder, place the executable inside it, and then give all files inside that folder only write privileges inside that folder, and not outside? so that echo "hello" >> log.txt would work, but echo "hello" >> ~/log.txt would not?

EDIT: thanks to everyone for the answers! I decided to opt for a VM to minimize the risk, but chroot is probably a faster solution for not-so-dangerous files

  • Mininux@sh.itjust.works
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    You might want to look into Firejail, kinda complicated to setup but it’s made for this.

    I think chroot could achieve this too but I don’t know how secure it is