Skip to content

Lind-Project/lind_project

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,187 Commits
.github
.github
 
 
docs
docs
 
 
lind
lind
 
 
src
src
 
 
tests
tests
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Lind Build Status Build Status

Lind is a single-process sandbox that provides an option to safely execute programs and control its resource (network, file, memory, cpu, etc.) usage at the process granularity. Lind executes applications in an isolated environment from the rest of the applications in the system, and thus limits the damage of bugs or security flaws in the application.

For high level documentation, please go to the main documentation for the project.

Lind is currently a work in progress, please bear with us while features are being implemented.

Building with Docker

Base and pre-built docker images for the SDK toolchain can be fetched from the Docker Hub Lind repository at securesystemslab/lind with docker pull securesystemslab/lind.

You can either make run or start the container yourself using:

docker pull securesystemslab/lind
docker run --privileged --ipc=host --init --cap-add=SYS_PTRACE -it securesystemslab/lind /bin/bash

The --privileged option is so that /proc is writable, the --ipc=host option is needed to avoid mounting /dev/shm with noexec (NaCl needs to be able to execute mmap()'d sections of /dev/shm) and the --cap-add=SYS_PTRACE allows debugging with applications that use ptrace() such as gdb.

Building from Scratch

Check out our scratch build wiki, here: Building Lind from Scratch

Security Issues and Bugs

Security issues can be reported by emailing [email protected].

At a minimum, the report must contain the following:

  • Description of the vulnerability.
  • Steps to reproduce the issue.

Optionally, reports that are emailed can be encrypted with PGP. You should use PGP key fingerprint E9C0 59EC 0D32 64FA B35F 94AD 465B F9F6 F8EB 475A.

Please do not use the GitHub issue tracker to submit vulnerability reports. The issue tracker is intended for bug reports and to make feature requests.

Instructions for Contributors

Development of Lind occurs on the "develop" branch of this repository. Contributions can be made by submitting GitHub Pull Requests. Take a look at our development guidelines for detailed instructions. Submitted code should follow our style guidelines and must be unit tested.

Contributors must also indicate acceptance of the Developer Certificate of Origin (DCO) by appending a Signed-off-by: Your Name <[email protected]> to each git commit message (see git commit --signoff).

Acknowledgments

This project is managed by Prof. Justin Cappos and other members of the Secure Systems Lab at NYU.

About

Lind: Secure Lightweight Adaptive Isolation

hub.docker.com/r/securesystemslab/lind

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

23 stars

Watchers

10 watching

Forks

8 forks
Report repository

Releases

2 tags

Packages

No packages published

Contributors 18

+ 4 contributors

Languages