From: Nescio N. <nes...@gm...> - 2009-11-09 09:29:40
|
Thanks Michael, I hadn't heard of UnionFS before actually. Sandboxie seems to be somewhat different though. You can 'sandbox' an application so that its writes are redirected to some safe area on disk, but when you unsandbox later, you can choose to either 'commit' some subset of the writes or discard all of them. Or is this possible with UnionFS too? In either case it's more of a tool than a filesystem. I think I went off on a bit of a tangent though. I wasn't investigating how to build a Sandboxie-clone (although it sounds like fun) but whether or not it is possible to break out of a FUSE filesystem that has been set as the root filesystem. What options are available to a regular user (not superuser)? Generalizing a bit further, I am curious about the limits of FUSE's transparency. For instance, there is a loopback filesystem example in the FUSE tar. It seems to just forward all the calls to the backing filesystem. Let's say I change the root to be this loopback filesystem. Would any applications break? If so, why? On Mon, Nov 9, 2009 at 12:30 AM, Michael Raskin <fb0...@ra...> wrote: > Jeffrey 'jf' Lim wrote: > >> as the root filesystem. How suitable is FUSE for implementing something > >> like Sandboxie (http://www.sandboxie.com/)? Has someone done this > >> already? > >> > > a chroot would achieve the same thing. What would u specifically need > fuse > > for? > > > > -jf > > Well, it is convenient not to maintain chroots separately, but just > configure unionfs writes and maybe shadow some files to prevent reading. > Now, why unionfs is not enough is another question. > > I remember preparing a Fuse-Unionfs chroot because of its runtime > configurability. I ended up with around 100 branches, though, and it had > pitiful performance (tens of stats on file access are no good..). > |