-1

I am developing a sandbox on linux. And now i am confused terminating all process in the sandbox. My sandbox works as follows: At first only one process run in the sandbox. Then it can create several child process. And child process will create their subprocess also. And parent process may exit at some time before its children exited. At last sandbox will terminate all the process.

I used to do this by using killall or pkill -u with a unique user attached to the sandbox.But it seems doesn't work on the program which uses fork() fastly.

Then I search for the source code of pkill and realized that pkill is lose of atomicity.

So how could i achieve my goal ?

user2669704
  • 49
  • 2
  • 4

1 Answers1

2

You could use process groups setpgid(2) and sessions setsid(2), but I don't qualify what you do as a sandbox (in particular because if one of the processes is setuid or change its process group or session itself, you'll lose it; read execve(2) carefully and several times!). Notice that kill(2) with a negative pid kills an entire process group.

Read a good book like Advanced Linux Programming. Consider also using chroot(2).

And explain what and why you really want to do. sandboxing is harder that what you think. See also capabilities(7), credentials(7) and SElinux.

Basile Starynkevitch
  • 223,805
  • 18
  • 296
  • 547
  • I want to develop a website like the OnlineJudge. That's kind of website serves the college student at the algorithm contest like ACM/ICPC.e.g. [link](http://www.poj.org) The website allows users to submit their code for some problem. then run the code on the server. At last, reply the result of problem. I want to develop a sandbox to prevent the demage of malicious code. – user2669704 Aug 15 '13 at 13:11
  • I had read the setpid(2),setsid(2),chroot(2) .. the solution I used now is ptrace(2) but I think it may cause the low performance. Do you have any good suggestion? – user2669704 Aug 15 '13 at 13:14
  • The only problem to use kill(2) with the negative pid is after the program call setuid(2) the program will be killed by the malicious code at first. – user2669704 Aug 15 '13 at 13:29