SydB☮x: The ☮ther SⒶndbøx

Introduction

SydB☮x has been the default sandbox of Exherbo GNU/Linux distribution for over a decade. We use it to provide a restricted environment under which package builds run with controlled access to file system and network resources. Exherbo package description format, currently exheres-0, uses a shell function called esandbox to interact with sydbox. See the Sandboxing section of Exheres for Smarties document for more information.

Quick Start

• sydbox-0 is a ptrace based sandbox.
• sydbox-1 is a ptrace+seccomp based sandbox.
• sydbox-2 is a seccomp+seccomp-unotify based sandbox.
• sydbox-3 is a rewrite of sydbox-2 in Rust and it's what you are looking at.

Capture The Flag!

If you want to start using SydB☮x right away and get involved in a CTF game, SSH to syd.chesswob.org with user/password syd and try to read the file /etc/CTF. There's a reward of 100€ if you manage to read the file and document how you did it by posting a mail to syd@chesswob.org.

See CTF HOWTO: SydB☮x Capture The Flag Challenge for more information.

ASCII Casts

If you'd rather watch than read, you may start with the asciicasts we've made for you. We plan to make more of these and update this list, stay tuned!

1. Memory Sandboxing: https://asciinema.org/a/625243
2. Pid Sandboxing: https://asciinema.org/a/625170
3. Network Sandboxing: https://asciinema.org/a/623664

History & Design

This codebase has a history of a bit over 10 years and up to this point we have used C11 as our implementation language for various reasons. With sydbox-3 we are moving forwards one step and writing the sandbox from scratch using the Rust programming language with the only !Rust dependency being libsecc☮mp. Although we inherit many ideas and design decisions from the old codebase, we also don't shy away from radically changing the internal implementation making it much simpler, idiomatic, and less prone to bugs. We have proper multiarch support since release 3.0.11, e.g on x86-64, you can run your x32 or x86 binaries just fine under SydB☮x. Surprisingly all multiarch support is implemented in only 50 lines of code. This version takes advantage of multithreading and handles system calls using a thread pool whose size is equal to the number of CPUs on the running machine and utilizes globsets to match a list of patterns at once, thus continues to perform reasonably well even with very long rulesets. Moreover, access violations are logged into syslog, so you may use a command like journalctl SYSLOG_IDENTIFIER=syd (or shortly syd log) to view the sandbox logs. This version also comes with four new sandboxing types called Lock Sandboxing, Memory Sandboxing, Pid Sandboxing, and Stat Sandboxing: Lock Sandboxing utilizes the kernel LSM LandLock, Memory Sandboxing allows you to define a per-process memory limit, Pid Sandboxing allows you to define a limit on the maximum number of running tasks under the sandbox, whereas Stat Sandboxing can be used to effectively hide files and directories from the sandboxed process.

Finally, the new SydB☮x has support for namespaces. Use the command-line arguments --unshare-mount,uts,ipc,user,pid,net,cgroup to create namespaces. You may use the container profile as a shorthand to create namespaces with syd -pcontainer.

You may use SydB☮x as your login shell because it is very practical to have a restricted user. To do this simply add /path/to/syd to the file /etc/shells and do chsh -s /path/to/syd username as root. In this mode the sandbox may be configured using the files /etc/user.syd-3 and ~/.user.syd-3. If you want to restrict user configuration of the sandbox, lock the sandbox using lock:on at the end of the site-wide configuration file.

Install

Since version 3.4.2, we publish signed release tarballs with static SydB☮x. To download, go to https://distfiles.exherbolinux.org/#sydbox/ and download the latest version. The release tarball currently includes static builds for architectures x86-64 and aarch64 only.

The program may easily be built statically, with a size about 1.1Mb for the x86-64 build , and 1.0Mb for the aarch64 build. After UPX compression compress both have a size around 350Kb. After each push, the CI builds binaries with static linking using a musl target and keeps them available for download for 90 days. To download, browse to one of the URLs given below depending on your machine architecture, choose a succeeding build, and download the artifact syd on the left part of the build page. To run integration tests, download syd-test and syd-test-do artifacts as well.

• x86-64
  • Host: Linux build 6.1.55-0-lts #1-Alpine SMP PREEMPT_DYNAMIC Sun, 24 Sep 2023 23:14:02 +0000 x86_64 Linux
  • List: https://builds.sr.ht/~alip/syd/commits/main/linux-x86-64.yml
• aarch64
  • Host: Linux build 5.10.0-8-arm64 #1 SMP Debian 5.10.46-4 (2021-08-03) aarch64 GNU/Linux
  • List: https://builds.sr.ht/~alip/syd/commits/main/linux-arm64.yml

To install from source, use cargo install --locked syd. To follow the latest developments, checkout the git repository at https://git.sr.ht/~alip/syd and run cargo build --release on it. Make sure to have libsecc☮mp development files installed. The command to install libsecc☮mp library for some Linux distributions are given below.

• Alpine: apk add libsecc☮mp-dev libsecc☮mp-static
• Debian: apt install libsecc☮mp-dev
• Ubuntu: apt install libsecc☮mp-dev

The following distributions have SydB☮x already packaged:

1. Exherbo: cave resolve sydbox
2. Gentoo: emerge syd

SydB☮x exposes the functionality of the following crates in their sandbox API:

1. globset: Pattern matching with Unix shell style patterns, see Wikipedia:Glob for more information.
2. ipnetwork: Pattern matching with Classless Inter-Domain Routing, see Wikipedia:Cidr for more information.

This manual page gives only brief information on Pattern Matching, and Address Matching. The user is recommended to read the documentation of the respective crates to get more information on the details of pattern matching, and address matching.

API

libsyd is a comprehensive C library designed for interfacing with the SydB☮x stat interface. It offers functionalities for managing sandbox states, and facilitating runtime configuration and interaction with the Sydb☮x sandboxing environment.

plsyd is a Perl module that uses FFI::Platypus to use libsyd.

pysyd is a Python module that uses ctypes to use libsyd.

To build and install libsyd from source, clone the repository at https://git.sr.ht/~alip/syd, navigate to the lib directory and run the following commands, make, make test and sudo make install.

To learn more about the API see the API documentations:

• libsyd: https://libsyd.exherbolinux.org
• plsyd: https://plsyd.exherbolinux.org
• pysyd: https://pysyd.exherbolinux.org

Manual

NAME

syd - seccomp and landlock based application sandbox with support for namespaces

SYNOPSIS

syd [-hvcl]
    [--lock] [--root]
    [-m command...] [-C path...] [-p name...]
    [--unshare-mount,uts,ipc,user,pid,net,cgroup]
    [-A arg0] [--map-root]
    [--] {command [arg...]}
syd --check
syd --landlock
syd --export bpf|pfc
syd --list allow|deny|hook|ioctl|prctl
syd --print profile-name
syd --errno number|name-regex
syd --parse size|human-size
syd --read path
syd --syscall number|name-regex [--arch list|native|x86|x86_64|aarch64...]
syd --sh
syd --test [<name-regex>|<number>|<number>..<number>]..
syd exec {command [arg...]}
syd log

DESCRIPTION

SydB☮x is a seccomp(2) based sandboxing utility for modern Linux[>=5.6] machines to sandbox unwanted process access to filesystem and network resources. SydB☮x requires no root access and no ptrace rights. All you need is a recent Linux kernel and libsecc☮mp which is available on many different architectures, including x86, x86_64, x32, arm, aarch64, mips, mips64... This makes it very easy for a regular user to use. This is the motto of SydB☮x: bring easy, simple, flexible and powerful access restriction to the Linux user!

The basic idea of SydB☮x is to run a command under certain restrictions. These restrictions define which system calls the command is permitted to run and which argument values are permitted for the given system call. The restrictions may be applied via two ways. seccomp-bpf can be used to apply simple Secure Computing user filters to run sandboxing fully on kernel space, and seccomp-notify functionality can be used to run sandboxing on kernel space and fallback to user space to dereference pointer arguments of system calls (See Security about TOCTOU et. al), which are one of pathname, UNIX socket address, IPv4 or IPv6 network address, and make dynamic decisions using Unix shell style patterns such as allowlist/write+/home/sydbox/***, or allowlist/write+/run/user/*/pulse for pathnames, and using CIDR notation such as allowlist/net/connect+127.0.0.1/8!9050, or allowlist/net/connect+::1/8!9050 for IPv4 and IPv6 addresses and perform an action which is by default denying the system call with an appropriate error, which is usually access denied, aka EACCES. For default disallowed system calls, such as ptrace or process_vm_writev (See Security about TOCTOU et. al) SydB☮x returns EACCES as well.

To be able to use SydB☮x, you need a recent Linux kernel with the system calls pidfd_getfd, pidfd_send_signal. The Secure Computing facility of the Linux kernel should support the SECCOMP_USER_NOTIF_FLAG_CONTINUE operation. It is recommended to have the CONFIG_CROSS_MEMORY_ATTACH kernel option enabled, if this option is not enabled, SydB☮x will fallback to reading/writing from /proc/$pid/mem. Linux-5.19 or later is recommended.

OPTIONS

The following options are understood:

-h, --help

Show usage and exit

-v, --version

Show version and exit

-c

Causes command to be executed under a shell with the user profile

Login shell compatibility

-l, --login

Ignored

Login shell compatibility

-m command, --magic=command

Run a sandbox command during init, may be repeated. See the section called CONFIGURATION for more information.

-C path, --config=path

Run a configuration file during init, may be repeated. See the section called CONFIGURATION for more information.

-p name, --profile=name

Use a sandbox profile during init, may be repeated. See the section called CONFIGURATION for more information.

--lock

Lock sandbox commands after initialization. By default, SydB☮x may be configured during runtime from inside the sandbox by interacting with the paths under the virtual path /dev/syd. Locking prevents this and makes SydB☮x sandbox tamper-free making it a true jail replacement. (See Security about TOCTOU et. al)

--root

In fakeroot mode, the system will return a user/group id of 0, mimicking the root user. This allows users to execute commands with apparent root privileges, without actual superuser rights. It's useful for tasks like package building where root-like environment is needed, but not actual root permissions. You may also use the environment variable SYD_FAKEROOT to this effect.

--check

Exit with success if the process is running under SydB☮x.

--landlock

Exit with success if LandLock ABI v3 is fully supported.

--export=mode

Export secure computing rules with the given format to standard output and exit. Mode must be one of bpf or pfc. bpf, aka Berkeley Packet Filter is a binary, machine readable format whereas pfc, aka Pseudo Filter Code is a textual, human readable format.

--list=set

Print the names of the system calls which belong to the given set and exit Set must be exactly one of allow, deny, hook, ioctl, or prctl.

If set is "ioctl", print the list of allowlisted ioctl requests.

If set is "prctl", print the list of allowlisted prctl options.

--print=profile-name

Print out the rules of the given sandbox profile and exit

--errno=number|name-regex

Given a number, print the matching errno name and exit

Given a regex, print case-insensitively matching errno names and exit

--parse=size|human-size

Given a number, print human-formatted size and exit

Given a string, parse human-formatted size into bytes, print and exit

--read=path

Print the canonicalized path name followed by a newline and exit

--syscall=number|name-regex

Given a number, print the matching syscall name and exit

Given a regex, print case-insensitively matching syscall names and exit

By default this looks up the syscall for the native architecture.

Use --arch <name> to specify a different architecture.

Use --arch list to see the list of supported architectures.

--sh

Output a shell script which defines "esyd" the SydB☮x helper function.

You may use eval "$(syd --sh)" in your shell init file.

--test

Run integration tests and exit.

Requires syd-test and syd-test-do programs to be in PATH.

-M, --unshare-mount

Unshare mount namespace

-S, --unshare-uts

Unshare UTS namespace

-I, --unshare-ipc

Unshare IPC namespace

-U, --unshare-user

Unshare user namespace

-P, --unshare-pid

Unshare pid namespace

-N, --unshare-net

Unshare net namespace

-G, --unshare-cgroup

Unshare cgroup namespace

-A alias, --arg0=alias

Set alias of the command.

Passed as argv[0] to the program

-R, --map-root

Map current user to root in the sandbox

Implies --unshare-user

• syd exec may be used to construct a sandbox command to execute a process outside the sandbox. See the description of cmd/exec command for more information.
• syd log may be used to access sandbox logs using journalctl.

Profiles

1. container: Enables Linux namespaces. Equivalent to --unshare-mount,uts,ipc,user,pid,net,cgroup
2. landlock: Enables LandLock and allowlists system directories for Lock Sandboxing.
3. paludis: Used by the Paludis package mangler.
4. noipv4: Disables IPv4 connectivity.
5. noipv6: Disables IPv6 connectivity.
6. silent: Silences all access violations.
7. user: Allows user-specific directories, and connections, and parses the following files if they exist:
   1. /etc/user.syd-3
   2. ~/.user.syd-3

It is possible to stack multiple profiles to configure a more restricted sandbox. Remember the order you stack the profiles matter, the last matching rule wins. E.g:

alip@rosarote:~|⇒  syd -ppaludis -pcontainer -plandlock bash
bash: /home/alip/.bashrc: Permission denied
alip@SydB☮x:~$ echo $$
2
alip@SydB☮x:~$ ps
    PID TTY          TIME CMD
      1 pts/9    00:00:00 syd
      2 pts/9    00:00:00 bash
      9 pts/9    00:00:00 ps
alip@SydB☮x:~$ ls /
ls: cannot open directory '/': Permission denied
alip@SydB☮x:~$

When invoked without arguments, the current shell is executed under SydB☮x with the user profile.

Environment Variables

• SYD_LOG: Set log level. See the "Enabling Logging" section of env-logger crate documentation for more information.
• SYD_NO_SYSLOG: Disable logging to syslog. By default logs of severity Warn and higher are logged to syslog.
• SYD_NO_CROSS_MEMORY_ATTACH: Disable cross memory attach and fallback to /proc/pid/mem.
• SYD_FAKEROOT: Equivalent to passing --root.
• SYD_SH: Pick the shell to spawn when invoked as a login shell, defaults to /bin/bash
• SYD_UNSHARE_MOUNT: Equivalent to passing --unshare-mount
• SYD_UNSHARE_UTS: Equivalent to passing --unshare-uts
• SYD_UNSHARE_IPC: Equivalent to passing --unshare-ipc
• SYD_UNSHARE_PID: Equivalent to passing --unshare-pid
• SYD_UNSHARE_NET: Equivalent to passing --unshare-net
• SYD_UNSHARE_CGROUP: Equivalent to passing --unshare-cgroup

Exit Codes

Sydb☮x exits with the same exit code as the sandbox process itself. If the sandbox process exits with a signal, Sydb☮x exits with 128 plus the value of the signal. In case there was an error in spawning or waiting for the sandbox process, Sydb☮x exits with errno indicating the error condition. E.g. syd true returns 0, syd false return 1, and syd -- syd true returns 16 which stands for EBUSY which stands for "Device or resource busy" indicating there is already a secure computing filter loaded. tl;dr Sydb☮x won't run under Sydb☮x, similarly many process inspection tools such as ltrace, strace, or gdb won't work under Sydb☮x. Thus the sandbox process can either be traced by attaching from outside the sandbox or running the tracer in follow fork mode, e.g. strace -f syd true.

SANDBOXING

There are eight sandboxing types:

1. Memory Sandboxing
2. Pid Sandboxing
3. Lock Sandboxing
4. Read sandboxing
5. Stat sandboxing
6. Write sandboxing
7. Exec sandboxing
8. Network sandboxing

Sandboxing may be on or off:

• off: Sandboxing is off, none of the relevant system calls are checked and all access is allowed.
• on: Sandboxing defaults to deny, allowlists and denylists can be used to refine access rights.

In addition, there are filters for every sandboxing to prevent Sydb☮x from reporting an access violation. Note, access is still denied in such cases.

Memory Sandboxing

This sandboxing handles the system calls brk, mmap, mmap2, and mremap and checks the per-process memory usage on each memory allocation request. If the memory usage reaches the maximum value defined by mem/max, the system call is denied with ENOMEM. Moreover the virtual memory size can be limited using mem/vm_max.

The per-process memory usage is a fair estimate calculated using the file /proc/pid/smaps summing the following fields together:

1. "Pss" (Proportional Set Size) is similar to **"Rss"**¹, but accounts for shared memory more accurately by dividing it among the processes that share it.
2. "Private_Dirty" represents the private memory that has been modified (dirty).
3. "Shared_Dirty" represents the shared memory that has been modified.

¹: "Rss" (Resident Set Size) is the portion of memory occupied by a process that is held in RAM.

Note, memory sandboxing is not an alternative to cgroups. You should use cgroups when you can instead. This is meant for more constrained environments where cgroups is not supported or not available due to missing permissions or other similar restrictions.

Warning, this is not a strict limit, SydB☮x is reliant on the allocation granularity of the processes in the sandbox. Programs will be able to overstep the limit at least by amount of memory they allocate at once.

Pid Sandboxing

This sandboxing handles the system calls fork, vfork, clone, and clone3 and checks the total number of tasks running on the system on each process creation request. If the count reaches the maximum value defined by pid/max, the system call is denied with EACCES.

This sandboxing type is best coupled with a pid namespace using unshare/pid. In this mode, Sydb☮x will check the number of running tasks in the current namespace only.

Note, pid sandboxing is not an alternative to cgroups. You should use cgroups when you can instead. This is meant for more constrained environments where cgroups is not supported or not available due to missing permissions or other similar restrictions.

Lock Sandboxing

This sandboxing utilizes the Landlock LSM for simple unprivileged access control. This sandboxing type is not dynamic and is applied at the kernel level on startup. The sandboxing may be turned on with the sandbox/lock:on sandbox command, and read-only, and read-write allowlists can be populated using the sandbox commands allowlist/lock/read+/path and allowlist/lock/write+/path. Note the Sydb☮x process is also included in this sandbox for added security such that a compromised Sydb☮x process is still stuck inside the Landlock sandbox.

Read Sandboxing

This sandboxing checks certain system calls for filesystem read access. If a system call tries to read a path, this attempt is reported and the system call is denied. See the section called Write Sandboxing for more information on how to customize this behaviour.

List of filtered system calls are: access, faccessat, faccessat2, open, openat, openat2.

Stat Sandboxing

This sandboxing checks certain system calls for filesystem statistics access. This can be one of listing a directory, changing into a directory, or using a stat system call to query file metadata. This sandboxing type may be used to effectively hide files and directories from the sandbox process.

List of filtered system calls are: chdir, fchdir, getdents, getdents64, stat, fstat, lstat, statx, newfstatat, getxattr, lgetxattr, fgetxattr, listxattr, flistxattr, and llistxattr.

Write Sandboxing

This sandboxing checks certain system calls for filesystem write access. If a system call tries to write, modify or change attributes of a path, this attempt is reported in system log and the system call is denied. There are two ways to customize this behaviour. Sydb☮x may be configured to "allowlist" some path patterns. If the path argument of the system call which is subject to be modified matches a pattern in the list of allowlisted path patterns, this attempt is not denied. If, however it matches a pattern in the list of "denylist" path patterns the attempt is denied (last matching pattern wins). Additionally, Sydb☮x may be configured to "filter" some path patterns. In this case a match will prevent Sydb☮x from reporting a warning about the access violation, the system call is still denied though.

List of filtered system calls are: access, faccessat, faccessat2, chmod, fchmod, fchmodat, chown, chown32, fchown, lchown, lchown32, fchownat, open, openat, openat2, creat, mkdir, mkdirat, mknod, mknodat, rmdir, truncate, truncate64, ftruncate, mount, umount, umount2, utime, utimes, utimensat, futimesat, unlink, unlinkat, link, linkat, rename, renameat, renameat2, symlink, symlinkat, setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr.

Exec Sandboxing

This sandboxing denies execve, and execveat calls in case the path argument does not match one of the allowlisted patterns. Note, all exec family functions are sandboxed because these functions are just wrappers of either one of execve or execveat system calls. See the section called Write Sandboxing for more information on how to customize this behaviour.

Network Sandboxing

This sandboxing exposes a way to prevent unwanted network calls. The filtered system calls are: bind, connect, sendto, recvmsg, and sendmsg. To increase usability, these system calls are filtered in two groups: bind and connect. bind belongs to the first group, whereas the other system calls belong to the connect group. See the section called Write Sandboxing for more information on how to customize this behaviour.

Further Restrictions

There are other ways to further restrict access which are listed below.

• exec/kill: Kill the exec process in case it matches a path pattern. See Examples for more information.

CONFIGURATION

Sydb☮x is configured through sandbox commands. There are two ways to supply sandbox commands:

1. Sydb☮x may be configured using a configuration file. The path to the configuration file is speficied using the -c command line switch. More than one configuration file may be specified this way. Single commands may also be passed via -m command line switch. Some default configuration sets may be applied using the -p command line switch. The available sets are landlock, paludis, noipv4, noipv6, silent and user. See Profiles for more information. More than one profile may be specified. For multiple matching rules (e.g. two rules matching the same path), the last matching rule wins.
2. Sydb☮x may be configured using "magic" stat calls during runtime. This is achieved by calling stat() system call on the special path /dev/syd followed by the sandbox command. Note that runtime configuration is only possible if the sandbox lock is unset. The system call stat() was chosen because it is practical to invoke using builtin shell commands like:

test -c /dev/syd/sandbox/read:on

which enables read sandboxing for a shell running under Sydb☮x. It is also possible to query certain values using the return value of the stat call:

test -c /dev/syd/sandbox/read? && echo "read sandboxing on" || echo "read sandboxing off"

Note, some of these shell builtins may actually call other system calls such as fstat, lstat, newfstatat, or statx. Sydb☮x supports the same interface through all these system calls transparently.

Command Types

Every sandbox command accepts an argument of a certain type. The available types are listed below:

• void: This command accepts no argument.
• boolean: A boolean type may have one of the two values, true or false. In addition you can use the short forms t or f and you can also use 1 or 0.
• integer: This type represents the basic integer type.
• string: This type represents the basic string type.
• string-array: This type represents a list of strings. Other types arent allowed within this type.
• command: This is a special type which is used to make Sydb☮x execute certain functions. It is meant to be used as a basic interprocess communication to workaround some tracing limitations.

Specifying Sandbox Commands

As mentioned in the section called CONFIGURATION, Sydb☮x may be configured using sandbox commands. Format of the sandbox commands is simple: ${PREFIX}/section/of/option${OPERATION_CHARACTER}value where ${PREFIX} is /dev/syd by default (may be altered at compile-time using MAGIC_PREFIX definition in config.rs). This prefix is only required for stat() call, not for -m command line switch.

${OPERATION_CHARACTER} determines the operation of the sandbox command. Possible values are listed below:

• : This term is used to set a value. Value must be either a boolean, an integer or a string.
• ? This term is used to query a value. Boolean values and certain other values may be queried.
• + This term is used to append to a string array.
• - This is used to remove an element from a string array. The first matching instance from the end is removed for predictability.
• ^ This is used to remove all matching elements from a string array. This is a more powerful version of the remove operator and must be used with care.
• ! This is used to execute a special Sydb☮x command.

Configuration File Format

Configuration file format of Sydb☮x is simple. It is just a way to supply many commands in a convenient way. All empty lines and lines starting with the sign # are ignored. All the other lines are treated as if they were supplied to Sydb☮x via the -m command line switch.

Configuration File Naming

Configuration file naming of Sydb☮x follows a naming scheme which makes it possible to extract command API version from the file name. A Sydb☮x configuration file must have the extension "syd-" followed by the API version (e.g. "syd-3" for API version 3).

Current command API of Sydb☮x version is 3.

Note, in addition to the stat interface of /dev/syd, you can also read from the virtual node /dev/syd to output Sydb☮x state as JSON.

Commands

Sydb☮x recognizes the following commands:

load

• type: integer
• default: none
• query: no

This command causes Sydb☮x to read configuration from the given file descriptor.

panic

• type: void
• default: none
• query: no

This command causes Sydb☮x to exit immediately with code 127.

reset

• type: void
• default: none
• query: no

This command causes Sydb☮x to reset sandboxing to the default state. Allowlists, denylists and filters are going to be cleared.

stat

• type: void
• default: none
• query: no

This command causes Sydb☮x to output sandbox state on standard error.

lock

• type: string
• default: exec
• query: no

A string specifying the state of the sandbox lock. Possible values are on, off and exec. If the sandbox lock is on no sandbox commands are allowed. If exec is specified, the sandbox lock is set to on for all processes except the initial process, aka Sydb☮x exec child.

sandbox/lock

• type: string
• default: off
• query: yes

A string specifying whether Landlock sandboxing should be enabled. See the section called Lock Sandboxing for more information.

sandbox/mem

• type: string
• default: off
• query: yes

A string specifying how memory sandboxing should be done. See the section called Memory Sandboxing for more information.

sandbox/pid

• type: string
• default: off
• query: yes

A string specifying how pid sandboxing should be done. See the section called Pid Sandboxing for more information.

sandbox/exec

• type: string
• default: on
• query: yes

A string specifying how exec calls should be sandboxed. See the section called Exec Sandboxing for more information.

sandbox/read

• type: string
• default: on
• query: yes

A string specifying how read sandboxing should be done. See the section called Read Sandboxing for more information.

sandbox/stat

• type: string
• default: on
• query: yes

A string specifying how stat sandboxing should be done. See the section called Stat Sandboxing for more information.

sandbox/write

• type: string
• default: on
• query: yes

A string specifying how write sandboxing should be done. See the section called Write Sandboxing for more information.

sandbox/net

• type: string
• default: on
• query: yes

A string specifying how network sandboxing should be done. See the section called Network Sandboxing for more information.

trace/allow_unsafe_ioctl

• type: boolean
• default: false
• query: no

A boolean specifying whether ioctl restrictions should be lifted.

See Security for more information.

trace/allow_unsafe_prctl

• type: boolean
• default: false
• query: no

A boolean specifying whether prctl restrictions should be lifted.

See Security for more information.

trace/allow_unsafe_chmod

• type: boolean
• default: false
• query: no

A boolean specifying whether chmod restrictions should be lifted.

See Security for more information.

trace/allow_unsafe_getrandom

• type: boolean
• default: false
• query: no

A boolean specifying whether getrandom restrictions should be lifted.

See Security for more information.

trace/exit_wait_all

• type: boolean
• default: false
• query: no

A boolean specifying whether to wait for all processes to exit before exiting. By default, SydB☮x exits with the eldest process and any leftover processes in the background are automatically killed. Note, specifying this command only works during startup.

trace/allow_successful_bind

• type: boolean
• default: false
• query: no

A boolean specifying whether the socket address arguments of successful bind calls should be allowlisted for connect, sendto, recvmsg, and sendmsg system calls. Note, these socket addresses are allowlisted globally and not per-process for usability reasons. Thus, for example, a process which forks to call bind will have its socket address allowlisted for their parent as well.

trace/allow_unsupported_socket_families

• type: boolean
• default: false
• query: no

A boolean specifying whether unknown socket families should be allowed access when network sandboxing is on.

trace/memory_access

• type: integer
• default: 0
• query: no

Mode on using cross memory attach or /proc/pid/mem. Cross memory attach requires a Linux kernel with the CONFIG_CROSS_MEMORY_ATTACH option enabled. Default mode is 0.

• 0: Use cross memory attach if available, use /proc otherwise.
• 1: Use /proc/pid/mem unconditionally. You may also use the environment variable SYD_NO_CROSS_MEMORY_ATTACH to this effect:

⇒  strace -q -eprocess_vm_readv -fc -- syd -m trace/memory_access:1 true; echo $?
[pid 1100565] ????( <detached ...>
0
⇒  strace -q -eprocess_vm_readv -fc -- syd -m trace/memory_access:0 true; echo $?
% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- -----------------
100,00    0,000155           6        24           process_vm_readv
------ ----------- ----------- --------- --------- -----------------
100,00    0,000155           6        24           total
0
⇒

unshare/mount

• type: boolean
• default: false
• query: yes

Create Mount namespace on startup, equivalent to --unshare-mount.

unshare/uts

• type: boolean
• default: false
• query: yes

Create UTS namespace on startup, equivalent to --unshare-uts.

unshare/ipc

• type: boolean
• default: false
• query: yes

Create IPC namespace on startup, equivalent to --unshare-ipc.

unshare/user

• type: boolean
• default: false
• query: yes

Create User namespace on startup, equivalent to --unshare-user.

unshare/pid

• type: boolean
• default: false
• query: yes

Create Pid namespace on startup, equivalent to --unshare-pid.

unshare/net

• type: boolean
• default: false
• query: yes

Create Net namespace on startup, equivalent to --unshare-net.

unshare/cgroup

• type: boolean
• default: false
• query: yes

Create CGroup namespace on startup, equivalent to --unshare-cgroup.

exec/kill

• type: string-array
• default: [empty array]
• query: no

This setting specifies a list of path patterns. If one of these patterns matches the resolved path of an exec system call, the process in question is killed. See the section called PATTERN MATCHING for more information on glob patterns.

mem/max

• type: unsigned integer (usize)
• default: 128MB
• query: no

This setting specifies the limit on per-process memory usage. Setting this value to 0 disables testing for this type of memory usage. See the section called Memory Sandboxing for more information.

Note, the value is parsed using the parse-size crate. Refer to the respective crate documentation for information on formatting.

mem/vm_max

• type: unsigned integer (usize)
• default: 4GB
• query: no

This setting specifies the limit on per-process virtual memory usage. Setting this value to 0 disables testing for this type of memory usage. See the section called Memory Sandboxing for more information.

Note, the value is parsed using the parse-size crate. Refer to the respective crate documentation for information on formatting.

pid/max

• type: unsigned integer (usize)
• default: 128
• query: no

This setting specifies the limit on the number of running tasks for pid sandboxing. Setting this value to 0 is functionally equivalent to setting sandbox/pid to off. See the section called Pid Sandboxing for more information.

filter/mem

• type: boolean
• default: false
• query: no

This setting specifies whether access violations about memory sandboxing should be reported or filtered. See the section called Memory Sandboxing for more information.

filter/pid

• type: boolean
• default: false
• query: no

This setting specifies whether access violations about pid sandboxing should be reported or filtered. See the section called Pid Sandboxing for more information.

filter/exec

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to filter for exec sandboxing. See the section called Exec Sandboxing and the section called PATTERN MATCHING.

filter/read

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to filter for read sandboxing. See the section called Read Sandboxing and the section called PATTERN MATCHING.

filter/stat

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to filter for stat sandboxing. See the section called Stat Sandboxing and the section called PATTERN MATCHING.

filter/write

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to filter for write sandboxing. See the section called Write Sandboxing and the section called PATTERN MATCHING.

filter/net

• type: string-array
• default: [empty array]
• query: no

Specifies a list of network addresses to filter for network sandboxing. See the section called Network Sandboxing and the section called ADDRESS MATCHING.

allowlist/lock/read

• type: string-array
• default: [empty array]
• query: no

Specifies a list of beneath paths to allowlist as read-only for Landlock sandboxing. See the section called Lock Sandboxing for more information.

allowlist/lock/write

• type: string-array
• default: [empty array]
• query: no

Specifies a list of beneath paths to allowlist as read-write for Landlock sandboxing. See the section called Lock Sandboxing for more information.

allowlist/exec

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to allowlist for exec sandboxing. See the section called Exec Sandboxing and the section called PATTERN MATCHING.

allowlist/read

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to allowlist for read sandboxing. See the section called Read Sandboxing and the section called PATTERN MATCHING.

allowlist/stat

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to allowlist for stat sandboxing. See the section called Stat Sandboxing and the section called PATTERN MATCHING.

allowlist/write

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to allowlist for write sandboxing. See the section called Write Sandboxing and the section called PATTERN MATCHING.

allowlist/net/bind

• type: string-array
• default: [empty array]
• query: no

Specifies a list of network addresses to allowlist for bind network sandboxing. See the section called Network Sandboxing and the section called ADDRESS MATCHING.

allowlist/net/connect

• type: string-array
• default: [empty array]
• query: no

Specifies a list of network addresses to allowlist for connect network sandboxing. See the section called Network Sandboxing and the section called ADDRESS MATCHING.

denylist/exec

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to denylist for exec sandboxing. See the section called Exec Sandboxing and the section called PATTERN MATCHING.

denylist/read

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to denylist for read sandboxing. See the section called Read Sandboxing and the section called PATTERN MATCHING.

denylist/stat

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to denylist for stat sandboxing. See the section called Stat Sandboxing and the section called PATTERN MATCHING.

denylist/write

• type: string-array
• default: [empty array]
• query: no

Specifies a list of path patterns to denylist for write sandboxing. See the section called Write Sandboxing and the section called PATTERN MATCHING.

denylist/net/bind

• type: string-array
• default: [empty array]
• query: no

Specifies a list of network addresses to denylist for bind network sandboxing. See the section called Network Sandboxing and the section called ADDRESS MATCHING.

denylist/net/connect

• type: string-array
• default: [empty array]
• query: no

Specifies a list of network addresses to denylist for connect network sandboxing. See the section called Network Sandboxing and the section called ADDRESS MATCHING.

cmd/exec

• type: command
• default: none
• query: no

Makes SydB☮x execute an external command without sandboxing. The program name and arguments must be separated with the US (unit separator, octal: 037) character. To ease usage, the syd exec subcommand is provided to construct a sandbox command of this type:

⇒  syd -puser -- bash -c 'test -c $(syd exec echo hello world)'
{"cmd":"syd -puser -- bash -c test -c $(syd exec echo hello world)","ctx":"landlock","cwd":"/","id":"syd","l":"W","path_ro":["/bin","/dev","/etc","/opt","/run","/snap","/sys","/usr","/var"],"path_rw":["/dev/console","/dev/dri","/dev/fd","/dev/full","/dev/null","/dev/ptmx","/dev/pts","/dev/shm","/dev/snd","/dev/stderr","/dev/stdout","/dev/tts","/dev/tty","/dev/zero","/home/alip","/proc","/run/user","/selinux/context","/tmp","/var/cache","/var/tmp"],"pid":1184988,"status":"fully_enforced","t":1699456011,"uid":1000}
hello world
{"cfg":"cmd/exec!echo\u001fhello\u001fworld","cmd":"bash -c test -c $(syd exec echo hello world)","ctx":"config","cwd":"/","id":"syd","l":"W","pid":1185005,"sys":"newfstatat","t":1699456011,"uid":1000}

PATTERN MATCHING

Sydb☮x uses shell-style pattern matching for allowlists and filters. The matching code uses the globset crate. Check their documentation for more information about patterns. Note, patterns are case sensitive, the empty alternates option is set when building patterns, i.e. foo{,.txt} in a pattern will match both foo and foo.txt and Sydb☮x applies the triple star extension to patterns, i.e. /dev/*** matches both /dev and any file recursively under /dev. Note also, Sydb☮x gets patterns from multiple sources: a configuration file, a profile, the -m command line switch, or a stat call with /dev/syd prefix. There is no precedence between different sources. All patterns in a list are compiled together in a GlobSet and pattern matching during access control happens in a single step where the last matching pattern decides the outcome.

ADDRESS MATCHING

Sydb☮x has a simple address scheme to match network addresses. The addresses can either be a glob pattern to match UNIX and abstract UNIX socket addresses, or an IP CIDR followed by a port range to match IPv4 and IPv6 addresses. Port range can either be a single port or a range in format port1-port2. The address and the port range must be split by the character !. In addition there are some aliases, you may use instead of specifying an address:

• any: Expanded to any4 ∪ any6.
• any4: Expanded to 0.0.0.0/0 which matches the whole Ipv4 address space.
• any6: Expanded to ::/0 which matches the whole Ipv6 address space.
• loopback: Expanded to loopback4 ∪ loopback6.
• loopback4: Expanded to 127.0.0.0/8
• loopback6: Expanded to ::1/8
• linklocal: Expanded to linklocal4 ∪ linklocal6.
• linklocal4: Expanded to 169.254.0.0/16
• linklocal6: Expanded to fe80::/10
• local: Expanded to local4 ∪ local6.
• local4: Expanded to four addresses as defined in RFC1918:
  • 127.0.0.0/8
  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
• local6: Expanded to four addresses:
  • ::1/8
  • fe80::/7
  • fc00::/7
  • fec0::/7

EXAMPLES

Below are examples of invocation and configuration of Sydb☮x.

Invocation Examples

Below are some invocation examples:

Deny all reads and writes, allow read access to /dev/zero and write access to /dev/full. The executable dd is not static in this case thus allow access to /lib64 where it will load its shared libraries from as well. Note, on the system of the author the dd binary links only to libraries under /usr/lib, use ldd to check the linked libraries on your system. Note also the quoting to escape shell expansion.

⇒  syd -m sandbox/read:on -m 'allowlist/read+/usr/lib/**' -m allowlist/read+/dev/zero -m allowlist/write+/dev/full -- dd if=/dev/zero of=/dev/full count=1
dd: writing to '/dev/full': No space left on device
1+0 records in
0+0 records out
0 bytes copied, 0,00168969 s, 0,0 kB/s

Kill common bittorrent applications. Note 14 stands for EFAULT which means the sandbox process was killed by a signal.

⇒  syd -m 'exec/kill+/usr/bin/[kr]torrent' -- bash; echo $?
$ rtorrent
14
⇒  syd -m 'exec/kill+/usr/bin/[kr]torrent' -- bash; echo $?
$ ktorrent
14
⇒ 

Hide some files and directories.

⇒  syd -puser bash
$ ls /
bin boot cdrom data dev etc home lib lib32 lib64 libx32 lost+found media mnt nix opt proc root run sbin snap srv sys tmp usr var
$ test -c /dev/syd/denylist/stat+/boot && echo ok
ok
$ test -c /dev/syd/denylist/stat+/tmp && echo ok
ok
$ ls /
bin cdrom data dev etc home lib lib32 lib64 libx32 lost+found media mnt nix opt proc root run sbin snap srv sys usr var
$ cd /tmp
bash: cd: /tmp: Operation not permitted
$ test -c /dev/syd/allowlist/stat+/tmp && echo ok
ok
cd /tmp
$ pwd
/tmp
$

BUGS

Hey you, out there beyond the wall,
Breaking bottles in the hall,
Can you help me?

Report bugs to SydB☮x's bug tracker at https://todo.sr.ht/~alip/syd/:

1. Always be polite, respectful, and kind: https://css-tricks.com/open-source-etiquette-guidebook/
2. Keep your final change as small and neat as possible: https://tirania.org/blog/archive/2010/Dec-31.html
3. Attaching poems with the bug report encourages consideration tremendously.

SECURITY

This is a tricky area. The main advantage SydB☮x brings to the table is that it requires no elevated privileges: no root access or ptrace capabilities are needed. This makes SydB☮x very easy to set up and use. Moreover, SydB☮x allows the user to configure the sandbox dynamically from within the sandbox, and lock it as necessary afterwards. This is done with great care. To prevent time-of-check to time-of-use attacks from breaking the sandbox, SydB☮x uses the flag SECCOMP_USER_NOTIF_FLAG_CONTINUE very sparingly: within the security policy of the sandbox, this only happens in exec and chdir system call hooks because these system calls can not be emulated due to seccomp limitations. This may change in the future.

• SydB☮x takes other precautions to make TOCTOU attacks less likely such as disallowing system calls which can access remote process memory such as ptrace and process_vm_writev, and disallowing write access to /proc/${pid}/mem. This makes the attack vectors much harder to realize.
• SydB☮x denies the creation of setuid/setgid files under the sandbox. Since 3.2.2 this may be disabled using the sandbox command trace/allow_unsafe_chmod:1.
• Since 3.1.9, the set-id family system calls -- setuid, setgid et al. -- are no-ops under SydB☮x. This means these system calls always succeed without doing anything. Since 3.8.6, the SydB☮x process applies a seccomp filter to itself as well to get the same behaviour.
• SydB☮x disallows the TIOCSTI ioctl inside the sandbox which would allow sandbox processes to write to the controling terminal.
• SydB☮x disallows the PR_SET_MM prctl inside the sandbox which can be used to create self-modifying executables.
• SydB☮x disallows io-uring family system calls which may be used to bypass path sandboxing.
• Since 3.1.10, SydB☮x disallows getrandom calls with the GRND_RANDOM flag to protect system entropy. Since 3.2.2, this may be disabled with the sandbox command trace/allow_unsafe_getrandom:1.
• Since 3.1.12, SydB☮x disallows the creation of device special files using the mknod and mknodat system calls. Moreover SydB☮x disallows opening already existing device special files.
• Since 3.6.7, SydB☮x prevents sandbox process from sending signals to the SydB☮x process or any of their threads.
• Since 3.8.1, SydB☮x sets the nice value of the system call handler threads' to 19 to help prevent CPU starvation.
• Since 3.8.6, SydB☮x sets the i/o priority of the system call handler threads' to idle to prevent I/O starvation.
• Since 3.0.1, SydB☮x can utilize Landlock LSM to do filesystem sandboxing. In this mode the SydB☮x process is also included in the Landlock sandbox for added security. See Lock Sandboxing for more information.
• Since 3.0.2, SydB☮x has support for creating Linux namespaces.
• Since 3.0.17, SydB☮x drops the following capabilities(7) for the sandbox process:
  • CAP_AUDIT_READ
  • CAP_AUDIT_WRITE
  • CAP_AUDIT_CONTROL
  • CAP_BLOCK_SUSPEND
  • CAP_BPF
  • CAP_DAC_OVERRIDE
  • CAP_DAC_READ_SEARCH
  • CAP_FOWNER
  • CAP_FSETID
  • CAP_SETGID
  • CAP_SETUID
  • CAP_LINUX_IMMUTABLE
  • CAP_IPC_LOCK
  • CAP_SYS_CHROOT
  • CAP_SYS_PTRACE
  • CAP_SYS_PACCT
  • CAP_MAC_ADMIN
  • CAP_MAC_OVERRIDE
  • CAP_MKNOD
  • CAP_LEASE
  • CAP_NET_ADMIN
  • CAP_NET_RAW
  • CAP_PERFMON
  • CAP_SYSLOG
  • CAP_SYS_ADMIN
  • CAP_SYS_BOOT
  • CAP_SYS_CHROOT
  • CAP_SYS_MODULE
  • CAP_SYS_NICE
  • CAP_SYS_PACCT
  • CAP_SYS_PTRACE
  • CAP_SYS_RAWIO
  • CAP_SYS_RESOURCE
  • CAP_SYS_TIME
  • CAP_WAKE_ALARM
  • CAP_SETPCAP
• Since 3.1.3 SydB☮x only allows the following list of ioctl requests:
  • FIOCLEX
  • FIONCLEX
  • FIONREAD
  • FIONBIO
  • FIOASYNC
  • GIO_UNIMAP
  • TCGETS
  • TCSETS
  • TCSETSW
  • TCSETSF
  • TCGETA
  • TCSETA
  • TCSETAW
  • TCSETAF
  • TIOCGLCKTRMIOS
  • TIOCSLCKTRMIOS
  • TIOCGWINSZ
  • TIOCSWINSZ
  • TCSBRK
  • TCSBRKP
  • TIOCSBRK
  • TIOCCBRK
  • TCXONC
  • TIOCINQ
  • TIOCOUTQ
  • TCFLSH
  • TIOCGPTN
  • TIOCSPTLCK
  • TIOCGDEV
  • TCGETX
  • TCSETX
  • TCSETXF
  • TCSETXW
  • TIOCSIG
  • TIOCVHANGUP
  • TIOCGPKT
  • TIOCGPTLCK
  • TIOCGEXCL
  • TIOCGPTPEER
  • TIOCSCTTY
  • TIOCGPGRP
  • TIOCSPGRP
  • TIOCGSID
  • TIOCEXCL
  • TIOCGEXCL
  • TIOCNXCL
  • TIOCGETD
  • TIOCSETD
  • TIOCPKT
  • TIOCGPKT
  • TIOCSPTLCK
  • TIOCGPTLCK
  • TIOCGPTPEER
  • TIOCGSOFTCAR
  • TIOCSSOFTCAR
  • SECCOMP_IOCTL_NOTIF_ID_VALID
  • SECCOMP_IOCTL_NOTIF_RECV
  • SECCOMP_IOCTL_NOTIF_SEND
  • SECCOMP_IOCTL_NOTIF_ADDFD
• Since 3.1.3 SydB☮x only allows the following list of prctl requests:
  • PR_SET_PDEATHSIG
  • PR_GET_PDEATHSIG
  • PR_GET_DUMPABLE
  • PR_SET_DUMPABLE
  • PR_GET_ALIGN
  • PR_GET_SETALIGN
  • PR_GET_KEEPCAPS
  • PR_SET_KEEPCAPS
  • PR_GET_FPEMU
  • PR_SET_FPEMU
  • PR_GET_FPEXC
  • PR_SET_FPEXC
  • PR_GET_TIMING
  • PR_SET_TIMING
  • PR_SET_NAME
  • PR_GET_NAME
  • PR_GET_ENDIAN
  • PR_SET_ENDIAN
  • PR_GET_SECCOMP
  • PR_SET_SECCOMP
  • PR_CAPBSET_READ
  • PR_CAPBSET_DROP
  • PR_GET_TSC
  • PR_SET_TSC
  • PR_GET_SECUREBITS
  • PR_SET_SECUREBITS
  • PR_SET_TIMERSLACK
  • PR_GET_TIMERSLACK
  • PR_MCE_KILL
  • PR_MCE_KILL_GET
  • PR_SET_CHILD_SUBREAPER
  • PR_GET_CHILD_SUBREAPER
  • PR_SET_NO_NEW_PRIVS
  • PR_GET_NO_NEW_PRIVS
  • PR_GET_TID_ADDRESS
  • PR_SET_THP_DISABLE
  • PR_GET_THP_DISABLE
  • PR_SET_FP_MODE
  • PR_GET_FP_MODE
  • PR_CAP_AMBIENT
  • PR_SVE_SET_VL
  • PR_SVE_GET_VL
  • PR_PAC_RESET_KEYS
  • PR_SET_TAGGED_ADDR_CTRL
  • PR_GET_TAGGED_ADDR_CTRL
  • PR_SET_IO_FLUSHER
  • PR_GET_IO_FLUSHER
  • PR_SET_SYSCALL_USER_DISPATCH
  • PR_PAC_SET_ENABLED_KEYS
  • PR_PAC_GET_ENABLED_KEYS
  • PR_SCHED_CORE
• The full list of denylisted system calls by SydB☮x are as follows, note this list is automatically generated. Since SydB☮x's default seccomp action is to deny the system call, any newly added system calls are going to be denied as well:
  • acct
  • add_key
  • adjtimex
  • afs_syscall
  • bpf
  • chroot
  • clock_adjtime
  • create_module
  • delete_module
  • finit_module
  • fsconfig
  • fsmount
  • fsopen
  • fspick
  • get_kernel_syms
  • init_module
  • io_cancel
  • io_destroy
  • io_getevents
  • ioperm
  • io_pgetevents
  • iopl
  • io_setup
  • io_submit
  • io_uring_enter
  • io_uring_register
  • io_uring_setup
  • kexec_file_load
  • kexec_load
  • keyctl
  • mbind
  • migrate_pages
  • mount_setattr
  • move_mount
  • move_pages
  • name_to_handle_at
  • nfsservctl
  • open_tree
  • perf_event_open
  • pivot_root
  • process_vm_readv
  • process_vm_writev
  • ptrace
  • putpmsg
  • query_module
  • quotactl
  • quotactl_fd
  • reboot
  • request_key
  • sched_rr_get_interval
  • sched_setparam
  • security
  • set_mempolicy
  • settimeofday
  • swapoff
  • swapon
  • _sysctl
  • sysfs
  • syslog
  • tuxcall
  • uselib
  • userfaultfd
  • vhangup
  • vserver

CTF HOWTO: SydB☮x Capture The Flag Challenge

Welcome to the SydB☮x Capture The Flag (CTF) Challenge! This guide will walk you through the steps to participate in this exciting and rewarding game. The goal is to read the contents of the /etc/CTF file on the server syd.chesswob.org. If you succeed, you can earn a reward of 100€. Let's get started!

Prerequisites

• Basic knowledge of SSH (Secure Shell) and Unix/Linux command line.
• A computer with an SSH client installed (most Unix/Linux systems have this by default; Windows users can use PuTTY or Windows Subsystem for Linux).

Step 1: Understanding the Challenge

1. Connect via SSH: You will SSH into syd.chesswob.org using the username and password syd.
2. Read /etc/CTF: Your task is to read the contents of this file, which is normally restricted.
3. Time Limit: You have 15 minutes to complete the challenge.

Step 2: Connecting to the Server

1. Open your terminal (or SSH client).
2. Run the following command: ssh syd@syd.chesswob.org.
3. When prompted, enter the password: syd.

ssh syd@syd.chesswob.org
# When prompted, enter the password: syd

Step 3: Exploring the Server

1. List File Details: Use ls -l /etc/CTF to check the file's details.
2. Attempt to Read File: Try using cat /etc/CTF. You'll likely encounter a "Permission denied" error.

syd@SydB☮x ~ $ ls -l /etc/CTF
-rw-r--r-- 1 syd syd 1001 Nov  8 20:17 /etc/CTF
syd@SydB☮x ~ $ cat /etc/CTF
cat: /etc/CTF: Permission denied

Step 4: Overcoming the Challenge

1. Understand Your Tools: The server has common Unix tools (nano, vim, etc.) and a full toolchain for compiling.
2. SCP Access: Secure Copy Protocol (SCP) is available to transfer files to and from the server.
3. Read SydB☮x Security Documentation: Visit SydB☮x Security for insights that may help in reading /etc/CTF.

Step 5: Reading /etc/CTF

1. Experiment: Use your Unix/Linux skills and tools available on the server. Remember, you can compile programs too.
2. Creative Solutions: There might be unconventional methods to bypass the permission restriction.

Step 6: Reporting Your Success

1. Document Your Method: Once you've read the file, document the process you used.
2. Send an Email: Email your solution and the contents of /etc/CTF to syd@chesswob.org.

Additional Tips

• Time Management: Keep an eye on the time. You have 15 minutes per session.
• Persistence: If you don't succeed at first, try different approaches.

Conclusion

Participating in the SydB☮x CTF Challenge is not only a fun way to test your skills but also a great learning opportunity. Good luck, and may the best hacker win!

Remember, hacking into systems without permission is illegal. This guide is meant for the SydB☮x CTF Challenge only, where you have explicit permission to attempt to read /etc/CTF.

BENCHMARK

In a detailed benchmark conducted on an Arch Linux system with a 16-core Ryzen 7 CPU and approximately 64GB RAM, we assessed the performance of Sydb☮x v3.8.4 against v1.2.1 during a Linux kernel build. The analysis revealed that while Sydb☮x-3 generally maintained a performance close to SydB☮x-1 under various profiles, a notable slowdown of about 5% was observed in scenarios with intensive memory sandboxing. This decrease in efficiency can be attributed specifically to SydB☮x-3's approach of reading /proc/pid/smaps for each memory-related syscall which results in a computationally expensive calculation to determine per-process memory usage.

Benchmark 1: make defconfig; make -j$(nproc)
  Time (mean ± σ):     97.892 s ±  0.238 s    [User: 1280.027 s, System: 88.111 s]
  Range (min … max):   97.619 s … 98.303 s    10 runs

Benchmark 2: sydbox --profile paludis -- make defconfig; make -j$(nproc)
  Time (mean ± σ):     98.156 s ±  0.170 s    [User: 1282.253 s, System: 87.962 s]
  Range (min … max):   97.838 s … 98.371 s    10 runs

Benchmark 3: syd --profile paludis -- make defconfig; make -j$(nproc)
  Time (mean ± σ):     98.886 s ±  0.174 s    [User: 1282.168 s, System: 88.215 s]
  Range (min … max):   98.611 s … 99.159 s    10 runs

Benchmark 4: syd --profile paludis --profile container -- make defconfig; make -j$(nproc)
  Time (mean ± σ):     98.993 s ±  0.086 s    [User: 1283.699 s, System: 88.339 s]
  Range (min … max):   98.851 s … 99.168 s    10 runs

Benchmark 5: syd --profile paludis --profile container --profile landlock -mallowlist/lock/write+/var/tmp/paludis -- make defconfig; make -j$(nproc)
  Time (mean ± σ):     98.855 s ±  0.220 s    [User: 1280.993 s, System: 88.597 s]
  Range (min … max):   98.609 s … 99.146 s    10 runs

Benchmark 6: syd --profile paludis --profile container -msandbox/pid:on -mpid/max:10240 -- make defconfig; make -j$(nproc)
  Time (mean ± σ):     98.931 s ±  0.133 s    [User: 1282.147 s, System: 88.652 s]
  Range (min … max):   98.653 s … 99.039 s    10 runs

Benchmark 7: syd --profile paludis -msandbox/mem:on -mmem/max:32G -- make defconfig; make -j$(nproc)
  Time (mean ± σ):     102.460 s ±  0.176 s    [User: 1284.521 s, System: 89.305 s]
  Range (min … max):   102.217 s … 102.703 s    10 runs

Summary
  make defconfig; make -j$(nproc) ran
    1.00 ± 0.00 times faster than sydbox --profile paludis -- make defconfig; make -j$(nproc)
    1.01 ± 0.00 times faster than syd --profile paludis --profile container --profile landlock -mallowlist/lock/write+/var/tmp/paludis -- make defconfig; make -j$(nproc)
    1.01 ± 0.00 times faster than syd --profile paludis -- make defconfig; make -j$(nproc)
    1.01 ± 0.00 times faster than syd --profile paludis --profile container -msandbox/pid:on -mpid/max:10240 -- make defconfig; make -j$(nproc)
    1.01 ± 0.00 times faster than syd --profile paludis --profile container -- make defconfig; make -j$(nproc)
    1.05 ± 0.00 times faster than syd --profile paludis -msandbox/mem:on -mmem/max:32G -- make defconfig; make -j$(nproc)

COPYRIGHT

• SPDX-License-Identifier: GPL-3.0-or-later
• Copyright © 2010, 2011, 2012, 2013, 2014, 2015, 2018, 2020, 2021, 2023 Ali Polatel alip@chesswob.org

ChangeLog

3.8.7

• Further restrict the parent SydB☮x process by disallowing ptrace, chroot, and pivot_root.
• SydB☮x now brings the loopback interface up with unshare/net:1.
• Implement the load sandbox command.
• Implement the panic sandbox command.
• Implement the reset sandbox command.
• Remove the is-terminal check from error, warn level logs.

3.8.6

• Set i/o priority of system call handler threads to idle.
• Set parent-death signal to SIGKILL in SydB☮x process rather than the child for added safety and security.
• Drop Linux capabilities in SydB☮x process rather than the child for added security.
• Fix unicode issue in regex builder for --error and --syscall options.
• Reduce the default threadpool keepalive timeout from one minute to 15 seconds so that SydB☮x becomes more reliable during pid starvation.
• Apply a seccomp filter to the SydB☮x process such that all set*id system calls return 0 without doing anything. This is an important security hardening.

3.8.5

• Enable debugging information in release mode to help with profiling.
• Use optimization level 3 rather than z in release mode.
• Use unwind rather than abort for panics in release mode.

3.8.4

• Implement virtual memory usage limiting for memory sandboxing, the command mem/vm_max may be used to configure the limit which defaults to 4GB.
• Exit with eldest process by default, add trace/exit_wait_all sandbox command to change behaviour.

3.8.3

• Optimize smaps lookup by stopping at the point the memory limit is reached.

3.8.2

• Implement syd --parse human-size to parse human-formatted size strings into bytes.
• Implement Memory Sandboxing.

3.8.1

• Include build host information into --version output.
• Ignore EACCES and ESRCH errors in proc task counter, we already ignore ENOENT and EPERM so this is consistent.
• Slightly optimize the task limit check of pid sandboxing.
• Remove the broken kill mode for pid sandboxing and rename deny to on.
• Set system call handler threads' nice value to 19 to help prevent CPU starvation.

3.8.0

• Add new operator ^ to remove all matching elements from an allowlist, denylist or a filter.
• New sandboxing type called Pid Sandboxing to set a limit on the maximum number of tasks. This is best coupled with a pid name space.
• Guard the parent process with a tight seccomp filter when using namespaces.
• Use the sendfd crate and a safe UnixStream based socketpair implementation to send/receive the seccomp notification fd rather than the non-portable internal alternative.
• Avoid loading landlock twice on startup when namespaces are at play.
• --arch <name> may now be specified with --syscall num|regex to lookup the system call for the specified architecture rather than the native architecture. --arch list may be used to print the list of supported architectures.
• Denylist /proc/1/*** for read, stat and write sandboxing in container and user profiles.

3.7.3

• Fix build on musl broken by recent 32-bit compat changes

3.7.2

• Write a socketcall hook for 32-bit systems.
• Optimize seccomp request preparation slightly by avoiding an ioctl call per request.
• Fix 32-bit build
• Allowlist the system call mmap2 and ugetrlimit system calls.
• Fix an issue determining the syscall handler for non-native architectures (e.g. 32bit sandbox process with 64bit syd)

3.7.1

• Make the busy-wait in the background monitor thread less heavy by inserting a wait after each request reap cycle.
• Optimize pidfd handling.
• Optimize the syd::fs::FileInformation::from_path function which is used very frequently in path canonicalization.

3.7.0

• Increase the threadpool keepalive timeout from 7 seconds to a minute. Benchmarks have shown 7 seconds is actually too short and we're overloading the threadpool.
• Make the background monitor thread wait on a Condvar rather than waking up every n seconds and looping through the whole list of requests. The handler thread notifies the Condvar which wakes up the background monitor thread to handle interrupts for blocking system calls (e.g. interrupted open on a FIFO)
• Improve seccomp syscall priorities to better match a typical build process.
• Protect SydB☮x process and their threads from signals. Hook kill, tkill, tgkill, and pidfd_open calls and return EACCES in case sandbox process tries to send a signal to a process id related to SydB☮x.

3.6.6

• Avoid waiting for threads in Supervisor::wait avoiding hangs in some cases.

3.6.5

• New profile container to activate Linux namespaces. This is currently equivalent to --unshare-mount,uts,ipc,user,pid,net,cgroup.

3.6.4

• Exit with 128 plus signal value rather than EFAULT when the sandbox process is killed by a signal.
• SydB☮x process is included into the namespace now so that it has identical view of /proc.
• Mount /proc inside the mount namespace as necessary.
• Return proper exit codes on early spawn failures.
• Allowlist the directory /sys/devices/system/node recursively for read & stat sandboxing in paludis profile.

3.6.3

• Fix an issue with symbolic loop detection in path canonicalizer and make it more robust. Milestone Paludis' tests pass under SydB☮x now.
• Ensure seccomp sender and receiver socketpair is closed properly which avoids hangs when there is an error spawning the sandbox process.

3.6.2

• New landlock profile to make practical use of LandLock.
• Drop the interrupt workaround for kernel misbehaving with WAIT_KILLABLE_RECV seccomp flag.
• Stat handler incorrectly returned a directory when the sandbox process stats one of the magic symlinks /proc/self, /proc/thread-self, /dev/fd, /dev/stdin, /dev/stderr and /dev/stdout. This is now fixed. Notably, this makes ps work under SydB☮x.
• Report running kernel version and landlock status in --version
• Add --landlock which checks if LandLock ABI v3 is fully supported.

3.6.1

• The - op on magic commands now removes the most recently added matching item rather than all matching items for predictability.
• Fix esyd disable subcommand.
• Allowlist /dev/stdin for landlock read/write in user profile. /dev/stdout and stderr were already allowed.

3.6.0

• Stat sandboxing can no longer be bypassed by attempting to read, write or execute a denylisted/hidden path.
• Log messages with process IDs are enriched using /proc/pid/comm rather than /proc/pid/cwd and /proc/pid/cmdline when the log feature is disabled (default). This is much lightweight since it avoids filesystem access.
• Implemented various small usability improvements for syd-test.
• Ioctl restrictions was not applied correctly when SydB☮x was built with musl. This is now fixed.
• New feature log to include debug logging into the program. By default logs of severity debug and trace are compiled out. This was previously dependent on debug build mode.
• esyd enable, enabled, enable_path, enabled_path, disable, disabled, disable_path, and disabled_path now works for read, write and stat sandboxing rather than just write sandboxing. use the _write suffixed versions of the subcommands for write-only.
• esyd deny, deny_path, nodeny, and nodeny_path now works for read, write and stat sandboxing rather than just write sandboxing, use esyd deny_write, nodeny_write to add/remove from the write-only denylist.
• esyd allow, allow_path, disallow and disallow_path now works for read, write and stat sandboxing rather than just write sandboxing, use esyd allow_write, disallow_write to add/remove from write-only allowlist.
• Allowlist the directory /proc/sys/vm for read & stat sandboxing in paludis and user profiles.
• Allowlist files with CPU information under /sys/devices/system/cpu for read & stat sandboxing in paludis profile.
• Allowlist the directory /proc/pid/attr for read & stat sandboxing in paludis and user profiles.
• Reduce the severity of sandbox config change logs from warn to info.
• sandbox/stat, aka Stat Sandboxing, defaults to on rather than off now.
• sandbox/read, aka Read Sandboxing, defaults to on rather than off now.
• sandbox/exec, aka Exec Sandboxing, defaults to on rather than off now.
• trace/allow_unsupported_socket_families defaults to false rather than true now.
• trace/allow_successful_bind default to false rather than true now.
• Mention asciicasts in README.

3.5.2

• Fix various issues with /proc handling of stat and open handlers.
• Support Linux-specific statx flags in statx handler.

3.5.1

• Make mkdir, mkdirat, mknod and mknodat handlers more resillient to interrupts.
• Make connect handler more resillient to interrupts.

3.5.0

• Make expensive tests usable (preparation for src_test_expensive on Exherbo).
• Rename local alias to local4, define the new local alias an union of local{4,6}.
• Rename any alias to any4, define the new any alias as an union of any{4,6}.
• Rename loopback alias to loopback4, define the new loopback alias as an union of loopback{4,6}.
• Add linklocal, linklocal4, and linklocal6 network aliases.
• Network aliases are now case-insensitive.
• Support Plan9 style network addresses such as 1.1.1.1!80. This is the format we're going to use moving forward. @ is still supported as a split character for backwards compatibility.
• Make bind handler more resillient to interrupts.

3.4.3

• Fix allowlist/net/bind-, allowlist/net/connect-, denylist/net/bind-, denylist/net/connect- sandbox commands to correctly remove the address when the port is given as a single port rather than a port range.
• Fix a bug with seccomp request tracking of the background syd::m☮☮n thread causing spurious signals to be sent to system call handler threads.

3.4.2

• Start making binary releases

3.4.1

• Replace threadpool crate with the rusty_poll crate

3.4.0

• Teach syd::m☮☮n thread the ability to resize the syscall handler threadpool size upon investigating the current active, queued and maximum count of the threadpool. This makes SydB☮x automatically adapt when there's a sudden burst of blocking system calls (e.g. opening a FIFO, or binding a socket) and avoid deadlocks. When the burst is gone, syd::m☮☮n kicks in again and decreases the pool size back to a normal state. Since the handling is completely automatic, the environment variable SYD_NPROC to set the size of the system call handler thread pool is no longer supported. The value defaults to the number of CPUs on startup and is adapted automatically according to the needs of the sandbox process.
• Fix various issues with UNIX domain socket handling.
• Honour process umask properly in bind handler.
• Make the bind syscall handler much more resillient to quickly restarting interrupted syscalls.
• Improve interrupt handling by spawning a background thread called syd::m☮☮n, to reap invalidated seccomp requests and interrupt respective syscall handler threads.

3.3.4

• Fix a bug in symlink loop handling of path canonicalization and make it more efficient.
• Simplify FIFO handling using a thread rather than forking. Credit goes to Johannes Nixdorf for coming up with the idea and testing a POC.

3.3.3

• Fix handling of unix domain socket connections with relative paths.
• Drop the umask lock and support input/output to FIFOs.

3.3.2

• Handle the virtual paths /dev/stdin, /dev/stdout, and /dev/stderr specially during syscall emulation.
• Fix fgetxattr handler to correctly determine the path to the file descriptor.
• Fix an issue with fgetxattr handler where the handler would erroneously return EFAULT on some valid fgetxattr calls.
• Fix an issue emulating newfstatat calls with AT_EMPTH_PATH flag.

3.3.1

• Fix another bug with ends with dot check in path canonicalizer which caused some paths to erroneously return ENOENT rather than EEXIST.
• Fix the ends with dot check in path canonicalizer which caused creating/removing directories with a dot in the name fail with EINVAL.
• Improve handling of the special paths /dev/fd/$fd and /proc/$pid/fd/$fd.
• Improve path canonicalizer by avoiding double stat on symlinks.
• Allow TIOCSCTTY ioctl by default.
• Rather than disallowing access to /dev/tty with ENXIO unconditionally, try to determine sandbox process' controlling terminal and use it.
• New command syd-init which is a simple init system to run under SydB☮x.
• Switch fuzzer to use afl++ rather than libfuzzer
• Document -c and -l options correctly. Ignore --login as well for login shell compatibility.
• Add a CTF guide section in the README

3.3.0

• -r short option of --root has been removed for consistency.
• -l option is a no-op now rather than being a short option for --lock for login shell compatibility.
• -c short option has been changed to -C for --config. -c causes command to be executed under a shell for login shell compatibility

3.2.11

• Announce the CTF game in the README.
• Move the system calls getxattr, lgetxattr, fgetxattr, listxattr, flistxattr, and llistxattr from read sandboxing to stat sandboxing for consistency with stat calls.
• Do not replace /proc/self with /proc/pid on stat with nofollow. This fixes ps to work under SydB☮x above all.

3.2.10

• syd --read now works with relative paths as well as absolute paths.
• New profile silent to silence all access violations.
• Fix a bug with path normalization where double dots at root position were erroneously removed resulting in path not found errors during syscall handling.

3.2.9

• Drop trailing slash from paths before matching.
• Update bpftrace scripts
• Fix /dev/pts glob in paludis and user profiles.

3.2.8

• Disallow access to /dev/tty with ENXIO as SydB☮x cannot safely emulate access to the controlling terminal.
• Implement syd --syscall number|name-regex to search for syscall numbers and names.
• Fix stat handler from erroneously returning ELOOP on symbolic links with a trailing slash.
• Fix a bug with symbolic link loop detection in remote path canonicalization.
• Properly exit with EBUSY when seccomp filter cannot be loaded on startup.
• Print libsecc☮mp version, api version and native architecture in syd --help output.
• Print libsecc☮mp native architecture in syd --version output.
• Implement syd --arch to print the name of the native libsecc☮mp architecture.
• Implement syd --errno number|name-regex to search for errno numbers and names.

3.2.7

• Move esyd.sh from data/ to src/ as another attempt to fix cargo install.
• Use openat2 with RESOLVE_NO_SYMLINKS when stating in fs::canonicalize function removing another potential TOCTOU vector.

3.2.6

• Do not call include_str! with a relative path which breaks cargo install. Use cargo build environment variables instead.
• Always deny access violations with EACCES. Previously SydB☮x would deny silently with ENOENT if the path does not exist. This was a feature to ease test/dev cycle in early stages of syd-3 but it creates confusion, so it is now removed.

3.2.5

• Fix a file descriptor leak in stat handler. Credit goes to Johannes Nixdorf for identifying the bug.
• Report libsecc☮mp API in syd --version
• syd-test now lists known failures at the end of the test run.
• Ensure restarted open system calls with O_EXCL flags succeed. With this fix git clone works under SydB☮x.
• Fix parsing of LOCAL and LOCAL6 network aliases.

3.2.4

• Fix tests

3.2.3

• Ensure opening directories in write mode fails with EISDIR in open handler.
• Deny mknod for fifos and block devices with ENOSYS rather than ENOPERM correctly signaling the sandbox process the lack of support for named pipes.
• Do not follow symbolic links in chmod handler.
• Preserve O_CLOEXEC flag as necessary in the added fd for open system call handlers.
• Ensure system call emulators fail with ENOTDIR when fd argument is a regular file and the path argument is a dot.
• Avoid updating file access times during remote path canonicalization which may break expectations of sandbox processes.
• open handlers now return ENOENT when the path argument is an empty string.
• unlink, unlinkat, rename, renameat, and renameat2 handlers now return EINVAL when the last path of the component is a dot.
• Fix a regression in recvfrom remote socket address writing. This caused UDP connections, such as DNS to fail under SydB☮x.
• Handle task death between seccomp notify poll event receive and seccomp request receive gracefully.

3.2.2

• Add statistics about the file in reports for path access violations.
• Access violation returns EACCES if file exists and the errno if the file does not exist. Previously it would always return ENOENT in the latter case.
• Do not follow symbolic links in mkdir and mkdirat handlers.
• Lift chmod and getrandom restrictions for the paludis profile.
• trace/allow_unsafe_getrandom sandbox command may be used to lift getrandom restrictions and allow the use of GRND_RANDOM flag with getrandom which accesses /dev/random under the hood.
• trace/allow_unsafe_chmod sandbox command may be used to lift chmod restrictions and allow the creation of setuid/setgid files.
• Return correct errno on open errors due to remote path canonicalization failures.
• System call handlers properly return EBADF on invalid fd arguments now.
• Fix symbolic link handling in open syscall handlers.
• Fix symlink loop detection in remote path canonicalization.
• We issue continue syscall for connection-mode sockets in recvfrom/sendto system calls. Since the pointer argument is NULL in these cases we're safe from TOCTOU.
• Do not follow symbolic links in rename, renameat, and renameat2 handlers.
• Return correct errno on failures from statx and newfstatat handlers.
• Use original target argument in symlink, symlinkat handlers so that creation of relative symbolic links is now possible under SydB☮x.
• Honor sandbox process umask in link and linkat system calls.
• Honor sandbox process umask when creating UNIX sockets.
• Honor sandbox process umask in mkdir, mkdirat, mknod, and mknodat syscall handlers.
• Trailing slash handling has been improved across all system call handlers.
• link, and linkat handlers no longer follow symbolic links in newpath as mandated by POSIX.
• linkat now honours AT_SYMLINK_FOLLOW correctly when following symlinks.
• link no longer follows symbolic links on its first argument as it should.
• open, and openat with O_CREAT now properly returns ENOENT on paths ending with a trailing slash.
• Handle mkdir, mkdirat, rmdir, and unlinkat correctly and return EINVAL when the last component is a dot.
• Fix a path canonicalization bug to follow symbolic links in the last component in case the component ends with a slash, ie if it has to be a directory.
• Simplify stat handling.
• Various fixes for xattr related system call handlers, above all handle value argument being NULL gracefully.
• Avoid resolving target path in symlink and symlinkat emulators.

3.2.1

• Fix handling of lchown{,32} emulators where we mistakenly followed symbolic links before.
• Use use a fd with O_PATH+RESOLVE_NO_SYMLINKS during syscall emulation for safety against symlink attacks, we hard require Linux-5.6 or newer with this.
• Sandbox ftruncate, fgetxattr and lgetxattr.
• Call renameat2 directly as a syscall as musl libc is lacking this function at the moment and their usage breaks musl builds.

3.2.0

• Numerous minor fixes to path normalization and canonicalization.
• Emulate all sandboxing calls but exec, and chdir.
• Handle symbolic links and the AT_SYMLINK_NOFOLLOW flag correctly.
• Handle empty paths and the AT_EMPTY_PATH flag correctly in system calls.
• trace/allow_successful_bind is now fixed to correctly allow successful bind calls.
• SydB☮x now emulates all the respective system calls for network sandboxing making network sandboxing completely TOCTOU-free.
• SydB☮x no longer allows the opening of existing device special files or named pipes.
• SydB☮x no longer allows the creation of device special files or named pipes.

3.1.11

• Fix an issue with network address filtering causing some filters to match regardless of their port restrictions.
• Fix an issue with network address matching causing some rules to match regardless of their port restrictions.

3.1.10

• Add sample user configuration file under data/user.syd-3.
• Use /etc/user.syd-3 rather than /etc/rc.syd-3 which is more consistent.
• SydB☮x now properly spawns the underlying shell as a login shell when SydB☮x itself is invoked as a login shell.
• Add sandbox commands unshare/{mount,uts,ipc,user,pid,net,cgroup} which are equivalent to the command line options --unshare-{mount,uts,ipc,user,pid,net,cgroup}. In addition they may be queried using the stat interface during runtime, e.g. `test -e /dev/syd/unshare/user?'
• Implement trace/allow_unsafe_{io,pr}ctl sandbox commands which may be used to lift the restrictions on the respective system calls.
• The function syd::proc::proc_cmdline now trims overly long command lines.
• Simplify capabilities handling. Drop CAP_BPF.

3.1.9

• The lock is honoured during initial configuration updates so e.g. setting the sandbox lock in the file /etc/rc.syd-3 will prevent ~/.user.syd-3 from loading. This is useful to enforce site-wide configuration.
• user profile now parser /etc/rc.syd-3 before ~/.user.syd-3.
• SydB☮x now honours the environment variables SYD_UNSHARE_{MOUNT,UTS,IPC,USER,PID,NET,CGROUP} to create namespaces.
• You may now use SydB☮x as your login shell by adding it to /etc/shells. The actual shell to execute under SydB☮x defaults to /bin/bash and can be changed on runtime via SYD_SHELL environment variable or during compile time by changing the variable SYD_SH in src/config.rs.
• Fix a bug with path normalization to handle double dots at root position correctly.
• The set-id family calls are now no-ops under SydB☮x.
• The /dev/syd may be read to get SydB☮x state in JSON in case sandbox is unlocked.
• Better ZSH compatibility for the data/esyd.sh script which is also available via esyd --sh.

3.1.8

• Fix linkat, renameat, and renameat2 system call handlers' argument handling.
• Fix dropping of capabilities with --map-root.
• Listing /dev now lists /dev/syd in case the sandbox lock is off.
• Simplify handling of the special paths /proc/self and /dev/fd.
• SydB☮x now properly returns ENAMETOOLONG for too long paths.
• Ensure the validity of the sandbox process is checked using SECCOMP_IOCTL_NOTIF_ID_VALID after every interaction with the sandbox process memory.
• SydB☮x now allows ioctl requests for PTY handling.
• SydB☮x now properly closes the seccomp notify file descriptor after poll errors.
• SydB☮x now sets the no_new_privs attribute for the SydB☮x process as well as the sandbox process. Previously we only set this in the child process.
• Fix a bug in path canonicalization function preventing an infinite loop, when following certain symbolic links.

3.1.7

• Vendor in the caps crate and avoid using thiserror which breaks static linking.

3.1.6

• Stop using the thiserror crate which breaks static linking.

3.1.5

• Stop using the derive feature of the serde crate which breaks static linking.

3.1.4

• Allow the system calls setgid, setgriups, setregid, setresgid, setresuid, setreuid, setuid inside the sandbox. Since we drop the capabilities CAP_SETUID and CAP_SETGID on startup this is safe.
• Vendor in the landlock create, use bitflags rather than enumflags2 which depends on emumflags2_derive crate and that used to break both static linking and address sanitizer.
• Reading from files under /dev/syd succeeds with the lock off. This is to provide consistency with the stat interface. The open system call handler just opens /dev/null instead under the hood.
• Handle pipes under /proc/pid/task/fd directories correctly.
• syd-test now honours the SYD_TEST_VALGRIND environment variable to run SydB☮x under valgrind during integration tests.
• SydB☮x now logs the current user id with the log messages.
• The stack size of the SydB☮x execve child has been increased from 4k to 128k.
• Block getrandom calls with GRND_RANDOM flag. Sandbox processes are not allowed to access /dev/random. Access to /dev/urandom is fine.
• Fix environment clearing code which fixes the broken functionality of SYD_NO_SYSLOG and SYD_NO_CROSS_MEMORY_ATTACH environment variables.
• The stat system call handler now properly handles symbolic links.
• paludis and user profiles allow access to files /proc/version and /proc/pid/map.
• Fix and document ioctl, prctl restrictions.
• SydB☮x now writes "deny" to /proc/pid/setgroups before writing the gid_map file. This way setgroups(2) is permanently disabled in user namespace and writing to the gid map file can succeed without having the CAP_SETGID capability.

3.1.3

• SydB☮x restricts prctl usage with a list of allowlisted prctls. This prevents potentially dangerous prctls such as PR_SET_MM which can create self-modifying executables. The list of allowlisted prctls can be listed using syd --list prctl.
• SydB☮x restricts ioctl usage with a list of allowlisted ioctls. This prevents sandbox escapes such as utilizing TIOCSTI to write to the controlling terminal. The list of allowlisted ioctls can be listed using syd --list ioctl.
• Use the errno EACCES rather than EPERM on access violations.
• paludis profile disables read access to /dev/random. stat access to this file is granted. Read access to /dev/urandom works too.

3.1.2

• The stat system call handler now handles deleted files correctly and fstats on the fd rathet than the dangling /proc symlink
• The stat system call handler now handles special files such as sockets or poll file descriptors correctly and fstats on the fd rather than the dangling /proc symbolic link.
• paludis and user profiles allow read/stat access to /proc/stat now so that ps works correctly in the sandbox.
• Add --sh option which makes SydB☮x drop a shell script to standard output which defines esyd the sandbbox helper.

3.1.1

• CGroups support has been dropped, use other means to create CGroups and then spawn SydB☮x inside.
• The paludis and user profiles now allow read/stat access to the files /proc/sys/kernel/osrelease and /proc/uptime.
• Fix a panic trying to log paths with non UTF-8 pathnames.

3.1.0

• The stat system call emulator no longer fails to fstat on pipes. The solution is TOCTOU-free, when we hit on a pipe fd, we get the file descriptor, fstat it and close it, then return the stat buffer.
• Add support for CGroups via --limit-{cpu,io,mem,pid}. The command-line arguments have conservative defaults. RTFM for more information.
• Disallow the system calls bpf, ioperm, iopl, setgid, setgroups, setregid, setresgid, setresuid, setreuid**, and vhangup inside the sandbox to improve security.
• Improve architecture-dependent code, improve support for ARM and S390.
• Edit paludis and user profiles to have a "deny-by-default and allowlist known goods" strategy for the directories /dev and /proc. This brings added safety as it adds read restrictions and hides many sensitive paths such as /dev/kmem or /proc/pid/mem.
• The memfd_secret system call is now allowed in the sandbox.
• The act and syslog system calls are no longer allowed in the sandbox.
• SydB☮x drops some capabilities on startup which provides added safety to the sandbox. The list of dropped capabilities are listed under Security.
• Implement --map-root command line flag to map current user to root in the sandbox. This implies --unshare-user.
• Fix the prevention of setuid/setgid files to be created in the sandbox.

3.0.16

• SydB☮x now allows the system calls setdomainname, sethostname, syslog, and signalfd4 system calls inside the sandbox.
• The stat family system calls are no fully emulated and do not suffer from TOCTOU issues.
• SydB☮x no longer allows the TIOCSTI ioctl call which can be used to write to the controlling terminal for added security.
• When SydB☮x is invoked with --unshare-user option to create a new user namespace, the creation of new user namespaces inside the sandbox is no longer allowed for added security.
• SydB☮x now allows the system calls pidfd_open and unshare.
• SydB☮x no longer allows the system calls mbind, migrate_pages, move_pages, perf_event_open, set_mempolicy, and userfaultfd inside the sandbox for added security.
• SydB☮x no longer allows setuid/setgid files to be created inside the sandbox.
• fchmod, and fchown system calls are now sandboxed.

3.0.15

• Turn on the empty alternates building Globs such that foo{,txt} in a pattern will match both foo and foo.txt.
• Take advantage of globset crate's ability to match a set of patterns at once. This way regardless of how many rules are present in a glob pattern list, such as allowlist/read, denylist/stat, SydB☮x does a single pattern match during access control. This increase performance considerably, especially for very long rulesets.
• replace glob-match crate with globset crate. globset can work directly on Paths and requires no String conversion.
• Use Path/PathBuf rather than &str/String in many places where we handle path names. This ensures path names with invalid UTF-8 in their names are handled correctly.

3.0.14

• SydB☮x now uses Landlock ABI version 3 rather than version 1. A Linux kernel running version 6.2 or newer is required to get the most out of it. However older versions also work quite well. See this table for an overview on Landlock features and the corresponding kernel version when they were implemented.

3.0.13

• esyd check now utilizes syd --check rather than stating the file /dev/syd. This way it can still detect if the process is running under SydB☮x despite the sandbox lock being on.
• esyd exec subcommand has been fixed.
• The user profile added /dev/tty to the list of read-write allowed paths for LandLock sandboxing.
• The user profile now allows read access to /var/log/journal for systemd journal access.
• esyd dump subcommand now forwards it command line arguments and pipes its output to jq if it's available.
• Security: Start emulating creat system call which prevents the TOCTOU scenario where an attacker can create a denylisted file by editing the dereferenced pointer argument after the access control but before the system call actually happens. We have an integration test, called ptrmod_toctou_creat which confirms the fix.
• The esyd helper saw some fixes, fixing deny* subcommands.

3.0.12

• SydB☮x now logs sandbox command attempts so as to better couple with esyd.
• Many improvements, fixes and documentation for the esyd helper.

3.0.11

• Added new network aliases ANY and ANY6 which match the whole Ipv4 and Ipv6 address spaces respectively.
• Security: Add NULL guards to all system call hooks which prevents potential crashes if one of the pointer arguments is 0, one of which was discovered by trinity on the getdents handler here: https://builds.sr.ht/~alip/job/1077263
• Security: Fix a crash in getdents handler discovered by trinity fuzzer in this build: https://builds.sr.ht/~alip/job/1077263
• Support compatible system call ABIs as necessary, e.g. on x86-64, we now support x86, and x32 ABIs, on aarch64 we support arm too etc. With this out of the way, the default bad architecture action has been changed to "kill process".
• Added helper script data/esyd.bash which when sourced into a bash environment, defines the convenience function esyd to interact with SydB☮x sandbox commands.
• Stat'ing the magic path /dev/syd/stat prints the SydB☮x status on standard error.
• Reading from the magic path /dev/syd/dump returns the current SydBox state as JSON. This is only available when the sandbox is not locked, or it's only available to the SydBox execve child via lock:exec.
• syd --read path may be used to canonicalize a path.
• Log messages with process ID information are now enriched with the current working directory of the process.
• lchown, and lgetxattr system calls are now sandboxed.
• Implement --list set to display the list of system calls in the given set. The supported sets are allow, deny, and hook.
• Fix BusyBox compatibility issues in integration tests.

3.0.10

• Fix unit tests

3.0.9

• Fix yet another case where a path with invalid UTF-8 would make SydB☮x panic.
• Security: SydB☮x now normalizes the path argument of the emulated open system call which prevents some jail breaks, the simplest being to invoke cat /proc/./self/status inside SydB☮x which erroneously opens the proc directory of SydB☮x rather then that of the process. We have added about 80 integration tests which test various relative paths to break the sandbox and SydB☮x passes all these tests after this fix.
• Use the paludis profile rather than the user in tests to improve reproducibility. Since the user profile parsers ~/.user.syd-3 this could cause random test failures.
• Calling a system call in an inaccessible directory would fail with EACCES even if the path argument is an absolute path. This is now fixed.

3.0.8

• Fix a panic in open system call hook for invalid UTF-8 paths.
• Add /home to the list of read-only directories for Landlock for user profile.
• SYD_NPROC environment variable can be used to configure the number of system call handler threads.
• Command options are now pretty printed in test -e /dev/syd/dump output.
• Reduce the duration of write lock contention in open system call handlers.
• Consider open calls with the flag O_CREAT for write sandboxing regardless of access mode.

3.0.7

• Use epoll rather than poll in the SydB☮x poll thread.
• Ensure the SydB☮x process supervisor does not leak the seccomp file descriptor on error conditions.
• SydB☮x's thread group id determiner function which reads /proc/pid/status would hang forever in case the process exits after we open the file but before we're finished with reading. This is now fixed.
• The --print-profile CLI option has been renamed to --print.
• Added syd --check to check if the process is running under SydB☮x.

3.0.6

• SydB☮x now honors the umask of the environment rather than setting a strict umask.
• Fix the open emulator to properly handle open calls with O_TMPFILE flag.

3.0.5

• Handle AT_EMPTY_PATH flag properly in execveat, fchownat, linkat, statx, newfstatat, and utimensat syscall hooks.

3.0.4

• The system call hook of open family system calls now properly sets umask to that of the process before emulating open so the umasks in sandbox are now properly honoured.
• Properly handle system calls with a file descriptor and an empty path as argument.
• Follow symbolic links in path resolution regardless of the system call.
• New command line option --print-profile to print the rules of the given sandbox profile.
• The sandbox profiles paludis and user have been hardened by utilizing Read Sandboxing and Stat Sandboxing. Many sensitive paths such as /proc/pid/mem, /dev/mem are both hidden and denylisted for read.
• Landlock errors are no longer fatal.
• SydB☮x has now basic support for UID/GID mapping inside user namespaces, where by default the current user is mapped with the same UID/GID inside the container.
• syd-test now changes its current working directory to a temporary directory before running integration tests. There is also a new validation in place when syd-test will refuse to run as root. This is due to the fact that the integration tests will fail randomly when run with elevated privileges.
• Use SECCOMP_IOCTL_NOTIF_ADDFD in open, openat and openat2 calls to close the TOCTOU window, providing security. Once POC for open system call which utilizes pointer modification to break out of jail has been included in the test suite and is fixed with this change.

3.0.3

• Security: SydB☮x did not check the target argument of symlink and symlinkat system calls which makes a jail break possible through a symlink attack. Two POCs, one for each system call respectively, are included in the test suite. With SydB☮x checking the target argument these breaks no longer work.
• syd -t, and syd-test now accept many of either a name regex, a test index, or a test index range as arguments to filter which integration tests to run.

3.0.2

• -H, --hostname name, -D, --domainname name added to set host, domain name of sandboxed process. This requires --unshare-uts.
• -u name, --uid=name and -g name, --gid=name options have been added to run the sandboxed process as another user.
• -A alias, --arg0=alias has been added to set an alias for the sandbox process.
• -W dir, --work-dir=dir option has been added to change into a directory before executing sandbox process.
• -C dir, --chroot=dir option has been added to chroot into a directory before executing sandbox process.
• --unshare-pid,net,mount,uts,ipc,user command line arguments have been added for namespaces support.
• --export pfc now has detailed information about the seccomp rules, and lists of allowed and notified system calls.
• The old and unused _sysctl system call is no longer allowed by SydB☮x.
• SydB☮x now reports libsecc☮mp version in --version output.
• Remove read beneath /home for landlock in user profile.
• Clean SydB☮x related environment variables from the environment of the sandboxed process.

3.0.1

• New sandboxing type Lock Sandboxing to utilize Landlock LSM.
• SydB☮x no longer sets umask to 077 for the sandbox process.
• Disable setuid system call in the sandbox for added security. Since this system call normally requires an environment with new privileges, this is not possible under SydB☮x as the sandbox has "no new privileges" flag set.

3.0.0

• Milestone: Paludis builds under SydB☮x with recommended tests using this MR.
• Sandbox command lock now defaults to exec rather than off for added security.
• allowlist/successful_bind was broken by a recent change. This is now fixed.
• The trace/memory_access command is fixed, strace -c confirms the results

3.0.0-beta.15

• Test suite now properly recognizes that it is running under SydB☮x and skips the integration tests.
• SydB☮x now properly exits with the exit code of the sandbox process and exit codes for error conditions are documented in --help.
• Fix an issue with triple star extension in path glob matches.

3.0.0-beta.14

• Fix an issue with /proc/pid/cmdline reader.
• symlink and symlinkat system call interceptors no longer check the target for access.
• Skip running integration tests when running under SydB☮x.
• lock:exec no longer waits for the initial exec call to lock the sandbox for all processes except the SydB☮x exec child.

3.0.0-beta.13

• Drop the built crate dependency.
• Drop the procfs crate dependency.
• Use the built crate without the git2 feature.
• Don't use snmalloc as the global allocator anymore. This fixes issues with static linking on Gentoo.

3.0.0-beta.12

• Fix an issue of stat sandboxing with path hiding.
• The environment variable SYD_NO_CROSS_MEMORY_ATTACH may be set to disable using cross memory attach and fallback to /proc/pid/mem.
• The environment variable SYD_NO_SYSLOG may be set to disable logging to syslog.
• Canonicalize UNIX socket addresses before sandbox access check.
• Add common system directories to the allowlist in user profile to make usage more practical.
• Add --export argument to export secure computing rules in binary Berkeley Packet Filter format and textual Pseudo Filter Code formats.
• System call hooks now use system call name and arguments to determine whether remote path canonicalization should resolve symbolic links.
• bump MSRV from 1.69 to 1.70.
• error and warn level logs are not written to standard error unless standard error is a terminal. Since logs of these levels also go to syslog this is no loss for the user. This is merely to provide convenience when running terminal user interfaces under SydB☮x.
• user profile now enables stat sandboxing with the user home directory allowlisted.

3.0.0-beta.11

• Added stat sandboxing which can be used to hide files and directories from the sandboxed process.
• The sandbox command denylist/network has been renamed to denylist/net.
• The sandbox command allowlist/network has been renamed to allowlist/net.
• The sandbox command filter/network has been renamed to filter/net.
• The sandbox command sandbox/network has been renamed to sandbox/net.
• user profile now properly allowlists screen and tmux connections.

3.0.0-beta.10

• When debug mode is enabled with SYD_LOG=debug, SydB☮x now logs all system calls with seccomp action other than Allow to the kernel log. This is useful in tackling problems with build failures.
• System calls with bad architecture know return ENOSYS rather than SydB☮x killing the thread.
• Disallowed system calls are now denied with EACCES rather than ENOSYS.
• SydB☮x now sets seccomp system call priority of hotter system calls to a higher value to improve performance.
• Fix a potential panic with /proc/self -> /proc/pid handling in remote paths.

3.0.0-beta.9

• Fix an issue with remote path canonicalization.

3.0.0-beta.8

• Consolidate error handling, making it faster and more robust.
• Various fixes and improvements for the remote path canonicalization code which makes it faster and more robust with regards to error handling.

3.0.0-beta.7

• SydB☮x now ignores the signals SIGHUP, SIGTSTP, SIGTTOU, and SIGTTIN for uninterrupted tracing.
• The user profile now sets the environment variable GIT_CEILING_DIRECTORIES to HOME to save the user from some useless and annoying access violations.

3.0.0-beta.6

• Make the user profile Exherbo friendly.

3.0.0-beta.5

• The user profile now has read and exec sandboxing enabled as well as write and network sandboxing.
• The triple star extension is applied to glob patterns, ie /dev/*** matches both /dev and any file recursively under /dev.
• When run without arguments, the home directory of the current user is now looked up from passwd(5) data rather than using the HOME environment variable.
• The clause last matching rule wins was not honored at all times. This is now fixed.

3.0.0-beta.4

• The user profile now also parses the file ~/.user.syd-3 if it exists. Note, syd uses this profile when invoked without arguments. This provides an easy way to spawn a working shell under sandbox.
• Fix UDP network sandboxing which was broken due to invalid error handling for connection-mode sockets.
• Some glob patterns in sandbox profiles paludis, and user have been fixed.

3.0.0-beta.3

• Run tests as integration tests, drop the test-bin development dependency.

3.0.0-beta.2

• Added the new user sandbox profile which allows access to user-specific directories such as HOME, and connections such as X, screen, tmux etc. When invoked without arguments, syd now drops to a shell with this profile.
• Replace regex crate with the more lightweight and performant regex-lite crate.
• Implement the cmd/exec sandbox command and the syd exec subcommand.
• Switch from glob crate to the glob-match crate for matching glob patterns.
• Fallback to /proc/$pid/mem if cross memory attach is not enabled in the kernel. Use SYD_PROC_MEM environment variable or the sandbox command trace/memory_access:1 to force /proc fallback.
• exec/kill_if_match has been renamed to exec/kill which is a breaking change.
• Set panic = abort in release builds for reduced binary size.
• Name the polling thread syd-poll.
• Better error handling, and cleaner code.
• Use parking_lot crate for Mutex, and RwLock.
• The default magic virtual device path has been updated from /dev/sydbox to /dev/syd saving three letters on each typing!! This is a breaking change.
• The core/ prefix has been removed from the configuration items core/sandbox, e.g use sandbox/exec:on rather than core/sandbox/exec:on. allowlist/successful_bind has been renamed to trace/allow_successful_bind, and allowlist/unsupported_socket_families has been renamed to trace/allow_unsupported_socket_families. Moreover the config item core/trace/magic_lock has been renamed to simply lock. This is a breaking change.
• The prefixes unix:, unix-abstract:, inet:, inet6: are no longer used in network addresses. Instead the pattern is treated as a UNIX shell style pattern if it starts with /, and as an IP address otherwise. There is no distinction between unix sockets and abstract unix sockets anymore. This is a breaking change. Check the data/ subdirectory for a sydbox.bash for use with Paludis.
• Fix a bug with remote path canonicalization.
• Access violations are logged to syslog now. Use, e.g. journalctl SYSLOG_IDENTIFIER=syd to view them.

3.0.0-alpha.2

• When run without arguments, sydbox now drops into user's current running shell allowlisting the HOME directory.
• Document the CLI option -p, --profile and add noipv4 and noipv6 profiles in addition the paludis profile. These profiles may be stacked by specifying more than one -p arguments.
• Use a Seccomp BPF filter rather than a Notify filter for fakeroot mode.
• Improve logging to achieve consistency. We have a very simple Logger which logs to standard error in format JSON lines. There are some common keys id is always syd, l gives the Log::Level as an integer whereby the lower the value of the integer the more severe is the log condition. t gives a UNIX time stamp in seconds, and ctx has short context on the log entry. Errors are represented with the err key, and system call names are given with the sys key.
• The --profile <profile-name> and --config @<profile-name> is now supported. Paludis uses the former so it is important for compatibility. The profile file is no longer installed under ${sharedir}/sydbox where {sharedir} is usually /usr/share and is kept as a static array in the program itself. In the future when sydbox-3 has an exheres we can improve on this but for now this gets us going.
• The setuid system call is now allowed in the sandbox.
• Use snmalloc as the global allocator for improved performance.

3.0.0-alpha.1

• New: Added core/allowlist/successful_bind.

  • Utilizes getsockname hook, pidfd_getfd, and process_vm_writev for complete emulation.
  • Features a TTL of 3 mins for tracking addresses to manage zero port arguments in bind() system calls.

• Improved: Refined read, write, network/{bind,connect} sandboxing.

  • Simpler implementation, yet compatible with Paludis via esandbox.
  • No per-process sandboxing or process tree tracking; uses /proc/$pid/cwd when required.
  • Single set of sandbox rules with configurations pushed upfront.
  • API Change: Replaced allow, deny modes with simpler on/off toggle.
  • core/sandbox/network can be set to bind or connect for selective sandboxing.
  • Rule matching favors the latest rule for configuration stacking.
  • Streamlined core/trace/magic_lock:exec due to lack of parent/child tracking.

• New: Introduced seccomp process supervision.

  • Implemented primarily in syd::hook and syd::remote.
  • Derived from the greenhook crate, but with a deny-by-default seccomp policy.
  • Allowlisted system calls maintained in syd::config (currently immutable by users).
  • Notable system calls like ptrace, process_vm_writev, and io-uring are disabled to counteract TOCTOU vulnerabilities.