Skip to content

feat: add sandboxing for activation scripts #1156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

feat: add sandboxing for activation scripts #1156

wants to merge 4 commits into from

Conversation

mrswastik-robot
Copy link
Contributor

This PR tries to add the sandbox functionality to the activation process, enhancing the by restricting what activation scripts can access on the filesystem.

I don't know whether it's the right approach or not, would need suggestions from the team here, but I have used a dual-approach here - a Production Mode for which is the implementation part is given below, and a Test Mode which bypasses the sandbox for testing in CI environments.

Implementation Details:

  • Production Mode: Uses rattler_sandbox to create a secure sandbox environment with defined exceptions.
  • Test Mode: Bypasses the sandbox for testing in CI environments.
  • Created a run_in_sandbox function that:
    • Takes a command and optional environment variables.
    • Restricts filesystem access to specific paths (/bin, /usr/bin, /lib, etc.) .
    • Allows read/write access only to the temp directory and executable.
  • Added platform detection via is_sandbox_supported() (Linux and macOS on x86_64/aarch64).
  • Modified Activator::run_activation to use the sandbox when sandbox_mode is enabled.
  • Added a constructor function in lib.rs using the ctor crate that calls rattler_sandbox::init_sandbox() when the crate is loaded in test mode.

I know the code and may be the approach is far from perfection so would love to get the feedback from the team and I will be more than happy to make the requested code changes!

@mrswastik-robot mrswastik-robot changed the title first try at implementing sandbox for activation scripts feat: add sandboxing for activation scripts Mar 12, 2025
@wolfv
Copy link
Contributor

wolfv commented Mar 13, 2025

Wow this is a lot of code already, quite amazing!

I haven't had time to look into it in detail, but I have this following thought:

Scripts should be able to advertise that they can run in sandbox mode (e.g. if it's just export foobar=$PREFIX/bla. Rattler should then be able to be configured to only execute "sandboxable" scripts.

I think we could add this metadata as a comment line (similar to a shebang). So a script could read something like:

#!/bin/bash
# sandbox: true

export FOOBAR=1234

And maybe in the future, it could be something like # sandbox: fs-read:~ fs-read-write:/tmp or so, to add exceptions.

@mrswastik-robot
Copy link
Contributor Author

Wow this is a lot of code already, quite amazing!

I haven't had time to look into it in detail, but I have this following thought:

Scripts should be able to advertise that they can run in sandbox mode (e.g. if it's just export foobar=$PREFIX/bla. Rattler should then be able to be configured to only execute "sandboxable" scripts.

I think we could add this metadata as a comment line (similar to a shebang). So a script could read something like:

#!/bin/bash
# sandbox: true

export FOOBAR=1234

And maybe in the future, it could be something like # sandbox: fs-read:~ fs-read-write:/tmp or so, to add exceptions.

thanks @wolfv, yup I do agree we should move in this direction, for now the current implementation has a boolean sandbox_mode which is a simple on/off switch that applies to the script.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mrswastik-robot @wolfv