AsiaBSDCon 2017 Secure CGI

Trivial example with Capsicum sandbox

Trivial example with Capsicum sandbox

    1 /* Title: Trivial example with Capsicum sandbox */
    2 
    3 #include <sys/resource.h>
    4 #include <sys/capability.h>
    5 
    6 #include <err.h>
    7 #include <stdlib.h>
    8 #include <stdio.h>
    9 #include <unistd.h>
   10 
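/*
 * Entry point: sandbox the process with Capsicum, then emit a minimal
 * CGI response on stdout.
 *
 * A CGI program only needs stdin, stdout and stderr, so each of the three
 * descriptors is first reduced to the rights it actually needs and the
 * process then enters capability mode.  After cap_enter(2) no global
 * namespace (paths, PIDs, sockets, ...) can be reached any more, and the
 * rights on a descriptor can only ever be narrowed further by
 * cap_rights_limit(2), never widened again.
 *
 * Returns EXIT_SUCCESS once the response has been written and flushed.
 * Exits with EXIT_FAILURE through err(3) if the sandbox cannot be set up
 * or if the response could not be written to stdout.
 */
int
main(void)
{
	cap_rights_t	 rights;

	/*
	 * stdout and stderr: write-only.  CAP_FSTAT stays because stdio may
	 * fstat(2) the descriptor when it picks a buffer size; CAP_EVENT
	 * keeps the descriptor usable with poll(2)/select(2)/kevent(2).
	 * cap_rights_limit(2) does not modify the rights set, so the same
	 * set is applied to both descriptors.
	 */
	cap_rights_init(&rights, CAP_EVENT, CAP_WRITE, CAP_FSTAT);
	if (cap_rights_limit(STDOUT_FILENO, &rights) < 0)
		err(EXIT_FAILURE, NULL);
	if (cap_rights_limit(STDERR_FILENO, &rights) < 0)
		err(EXIT_FAILURE, NULL);

	/*
	 * stdin: read-only.  This example never reads it, but a CGI program
	 * that consumes a request body would.
	 */
	cap_rights_init(&rights, CAP_EVENT, CAP_READ, CAP_FSTAT);
	if (cap_rights_limit(STDIN_FILENO, &rights) < 0)
		err(EXIT_FAILURE, NULL);

	/* From here on the process cannot open anything new. */
	if (cap_enter() < 0)
		err(EXIT_FAILURE, NULL);

	/* Minimal CGI response; puts(3) supplies the "\n" after each "\r". */
	puts("Status: 200 OK\r");
	puts("Content-Type: text/html\r");
	puts("\r");
	puts("Hello, world!");

	/*
	 * stdout is typically a pipe to the web server here and therefore
	 * fully buffered: flush explicitly and fail loudly if the write did
	 * not happen, rather than report success with no output delivered.
	 */
	if (fflush(stdout) == EOF)
		err(EXIT_FAILURE, NULL);
	return (EXIT_SUCCESS);
}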
gcc -I/usr/local/include -static -o simple-capsicum simple-capsicum.c -L/usr/local/lib -lksql -lsqlite3