
A setuid helper that lets a process willingly drop privileges on Linux.

The Chrome/Chromium Linux sandbox is based on this code and design.

It lets a process execute a target executable that will later be able to drop privileges:

  • the suid sandbox creates a new PID namespace, or switches uid/gid, to isolate the process
  • a helper process is created that shares the filesystem view (root directory and working directory) of the target process; it accepts a request to chroot() the target to an empty directory

This is convenient because an executable can be launched normally, load its libraries and open the files it needs, and only then be chroot()-ed to an empty directory, at the moment it decides to give up filesystem access.
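The flow described above, as an added example that is not the setuid-sandbox project's own code (Chromium's implementation differs in details such as the message values, how the request descriptor is passed to the target, and the extra namespace setup). The helper is created with clone(CLONE_FS), so root directory and working directory are shared between helper and target while memory is not; the target drops privileges, does its filesystem work, then sends one byte over a socketpair and the helper chroot()s on its behalf. The message byte values, the function names and the temporary-directory paths are this example's assumptions. Because chroot() requires root, main() only performs the real chroot when run as root; shared_fs_demo() exercises the same helper and protocol unprivileged, with chdir() standing in for chroot(), which shows the CLONE_FS sharing the design relies on.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* One-byte protocol between target and helper (values chosen for this example). */
enum { MSG_CHROOTME = 'C', MSG_CHROOTED = 'O', MSG_FAILED = 'F' };

struct helper_args {
    int fd;                      /* helper's end of the socketpair */
    const char *dir;             /* directory the operation applies to */
    int (*op)(const char *dir);  /* chroot_to_empty() for real use; chdir() in the unprivileged demo */
};

/* The privileged operation the target can no longer do once it has dropped root. */
static int chroot_to_empty(const char *dir)
{
    return (chroot(dir) == 0 && chdir("/") == 0) ? 0 : -1;  /* chdir: never leave cwd outside the new root */
}

/* Body of the helper process: wait for one request byte, perform the operation,
 * report, exit. Because the helper was cloned with CLONE_FS, the new root (or
 * cwd) takes effect in the target process as well. */
static int helper_main(void *arg)
{
    struct helper_args *a = arg;
    char msg, reply = MSG_FAILED;

    if (read(a->fd, &msg, 1) == 1 && msg == MSG_CHROOTME && a->op(a->dir) == 0)
        reply = MSG_CHROOTED;
    (void)write(a->fd, &reply, 1);
    _exit(reply == MSG_CHROOTED ? 0 : 1);
}

/* Spawn the helper while still privileged. Returns the target's request fd, or -1. */
static int spawn_helper(const char *dir, int (*op)(const char *))
{
    static char stack[64 * 1024] __attribute__((aligned(16)));
    static struct helper_args args;
    int sv[2];

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    args.fd = sv[1]; args.dir = dir; args.op = op;
    /* CLONE_FS only: separate address space, so a compromised target cannot reach
     * into the helper; shared root/cwd/umask, so the helper's chroot() applies to
     * both. SIGCHLD makes the helper an ordinary child for wait(). */
    if (clone(helper_main, stack + sizeof stack, CLONE_FS | SIGCHLD, &args) == -1) {
        close(sv[0]); close(sv[1]);
        return -1;
    }
    close(sv[1]);
    return sv[0];
}

/* Called by the target once it is done with the filesystem. 0 = chrooted. */
static int request_chroot(int fd)
{
    char msg = MSG_CHROOTME, reply;
    if (write(fd, &msg, 1) != 1 || read(fd, &reply, 1) != 1)
        return -1;
    return reply == MSG_CHROOTED ? 0 : -1;
}

/* Drop uid/gid permanently and verify the drop really happened. */
static int drop_privileges(void)
{
    uid_t u = getuid(), r, e, s;
    gid_t g = getgid(), rg, eg, sg;
    if (setresgid(g, g, g) != 0 || setresuid(u, u, u) != 0)
        return -1;
    if (getresuid(&r, &e, &s) != 0 || r != u || e != u || s != u ||
        getresgid(&rg, &eg, &sg) != 0 || rg != g || eg != g || sg != g)
        return -1;
    return 0;
}

/* Runs without root: same helper and protocol, chdir() standing in for chroot().
 * Returns 1 if the helper's chdir() became visible in the caller, which is the
 * CLONE_FS property the whole design depends on. */
static int shared_fs_demo(void)
{
    char dir[] = "/tmp/sbxdemo.XXXXXX";  /* constructed scratch directory */
    struct stat want, got;
    int fd, ok = 0;

    if (!mkdtemp(dir) || stat(dir, &want) != 0)
        return 0;
    if ((fd = spawn_helper(dir, chdir)) >= 0) {
        ok = request_chroot(fd) == 0 && stat(".", &got) == 0 &&
             got.st_dev == want.st_dev && got.st_ino == want.st_ino;
        close(fd);
        while (wait(NULL) > 0) ;
    }
    (void)chdir("/");
    (void)rmdir(dir);
    return ok;
}

int main(void)
{
    if (geteuid() != 0) {
        printf("not root; CLONE_FS demo via chdir(): %s\n", shared_fs_demo() ? "shared" : "NOT shared");
        return 0;
    }
    /* Real order: helper first (still root), drop privileges, do all filesystem
     * work, then ask to be chrooted into an empty, root-owned directory. */
    char dir[] = "/tmp/sbxroot.XXXXXX";
    int fd;
    if (!mkdtemp(dir) || (fd = spawn_helper(dir, chroot_to_empty)) < 0 || drop_privileges() != 0)
        return 1;
    int before = open("/etc/passwd", O_RDONLY);   /* still reachable */
    int chrooted = request_chroot(fd);
    int after = open("/etc/passwd", O_RDONLY);    /* fails once chrooted */
    printf("chroot %s; open before=%d after=%d\n", chrooted == 0 ? "ok" : "failed", before, after);
    return (chrooted == 0 && after == -1) ? 0 : 1;
}
```

Run it once as an unprivileged user (it reports whether the helper's chdir() became visible) and once as root (it opens /etc/passwd before and after the request). Two caveats the page's warning points at: descriptors opened before the request, including the one to /etc/passwd here, remain usable after the chroot, and a process that keeps CAP_SYS_CHROOT or holds a directory descriptor outside the new root can escape it, so the chroot is only as strong as the privilege drop that precedes it.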

This presentation has more information.

Be sure to check the limitations in the README file, as misusing this can be dangerous.

You can contact us at this address.

Powered by Google Project Hosting