[SOLVED] safely run a downloaded binary

b4283 · 2009-07-26 03:10:44

Hi,
i'm wondering that there are security risks when i'm running linux binaries downloaded from the internet.
suppose that there's a C program which is designed to destroy everything under my home directory (~/).

of course its not gonna destory my system because of permission problems, but, all other important stuff are gone as well.

so, is there a way to run a binary safely under linux (just like in VMs)?

Last edited by b4283 (2009-07-26 03:15:45)

b4283 · 2009-07-26 03:13:19

i have to apologize for the silly question that i just found out a stupid answer for myself.

all i have to do is use su to switch to another not so important user

Xyne · 2009-07-26 03:19:03

b4283 wrote:

so, is there a way to run a binary safely under linux (just like in VMs)?

Maybe I'm missing something obvious, but if you want to run it safely "just like in VMs", why don't you run it in a VM?

You could also run it as another user with restricted permissions to protect your own home directory. I think you can also use chroots to limit what it can do, but I don't know.

You're probably better of not running anything that you don't trust though. Even if you don't notice anything, it might be doing something nasty or be configured to wait until it does.

*edit*

b4283 wrote:

i have to apologize for the silly question that i just found out a stupid answer for myself.
all i have to do is use su to switch to another not so important user

I really need to learn to refresh the page before replying.

Last edited by Xyne (2009-07-26 03:20:16)

b4283 · 2009-07-26 08:49:20

Xyne wrote:

I really need to learn to refresh the page before replying.

lol. thanks for replying anyways, your gave other solutions as well, so it's pretty useful too.

ngoonee · 2009-07-26 13:21:27

chroot is the simplest way to do it, really.

szymon_g · 2009-07-27 11:31:12

you can always use AppArmor or TOMOYO - thanx that you will know which files binary has an access to.
and, as was written earlier, you can always use chroot- or standard, linux chroot or modified chroot provides by kernel patched by grsecurity.

b4283 · 2009-07-28 01:33:39

ngoonee wrote:

chroot is the simplest way to do it, really.

but don't you need to setup a whole root directory to make chroot work ?

Wintervenom · 2009-07-28 01:54:47

b4283 wrote:

ngoonee wrote:
chroot is the simplest way to do it, really.
but don't you need to setup a whole root directory to make chroot work ?

The pro is that is less work and overhead than setting up an entire operating system to do this in a virtual machine. The con is that it still gets access to your devices and disks if the process gets root.

Last edited by Wintervenom (2009-07-28 01:58:18)

krolden · 2009-07-29 12:02:40

alternatively you can try to analyse the binary. Run strings against it, etc. before running the binary

IIRC there is a page on phrack on analysing binary files.

esh · 2009-07-29 16:51:08

krolden wrote:

alternatively you can try to analyse the binary. Run strings against it, etc. before running the binary

I know Linux users are meant to be geeks, but really....

Arch Linux

#1 2009-07-26 03:10:44

[SOLVED] safely run a downloaded binary

#2 2009-07-26 03:13:19

Re: [SOLVED] safely run a downloaded binary

#3 2009-07-26 03:19:03

Re: [SOLVED] safely run a downloaded binary

#4 2009-07-26 08:49:20

Re: [SOLVED] safely run a downloaded binary

#5 2009-07-26 13:21:27

Re: [SOLVED] safely run a downloaded binary

#6 2009-07-27 11:31:12

Re: [SOLVED] safely run a downloaded binary

#7 2009-07-28 01:33:39

Re: [SOLVED] safely run a downloaded binary

#8 2009-07-28 01:54:47

Re: [SOLVED] safely run a downloaded binary

#9 2009-07-29 12:02:40

Re: [SOLVED] safely run a downloaded binary

#10 2009-07-29 16:51:08

Re: [SOLVED] safely run a downloaded binary

Board footer