Security/Automation/Winter Of Security 2015/MIG Agent Sandboxing: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(→‎Roadmap: Minor changes to roadmap)
(→‎Success Criteria: Added success criteria)
Line 17: Line 17:


=== Success Criteria ===
=== Success Criteria ===
* TODO
This project is successful if it provides an implementation which successfully manages to sandbox the MIG Agent, via the Go language and Seccomp library. The targeted operating system is Linux, with MacOS and Windows as possible objectives to be considered.


=== Roadmap ===
=== Roadmap ===

Revision as of 14:30, 6 October 2015

WinterOfSecurity logo light horizontal.png

Team

Introduction

TODO

Members

  • Teodora Băluță
  • Vladimir Diaconescu
  • Constantin-Alexandru Tudorică
  • University Advisor: Răzvan Deaconescu
  • Mozilla Advisors: Aaron Meihm, Guillaume Destuynder

Project

Mozilla InvestiGator (MIG) is a digital forensics platform used by Mozilla to monitor the security of servers. MIG deploys an agent on systems that is used to maintain the security of the infrastructure. The agent currently runs as root in order to run investigation modules that have low-level access to the system. The goal of this project is to sandbox the MIG Agent on Linux in a way that allows each part to perform investigative work while having as little privileges as possible. The team will have to use the Linux Seccomp mechanism, and the existing Go library, to implement a sandbox in the Agent. If possible, the team will also evaluate sandboxing on MacOS and Windows.

Success Criteria

This project is successful if it provides an implementation which successfully manages to sandbox the MIG Agent, via the Go language and Seccomp library. The targeted operating system is Linux, with MacOS and Windows as possible objectives to be considered.

Roadmap

  1. Investigation:
    • Go language beyond the basics
    • Building, deploying and running MIG
    • Digging into MIG; MIG internals, architecture
    • Investigate Windows and Mac OS X sandboxing solutions
  2. Design:
    • Aim for generic sandboxing solution (portable, working on multiple sandboxing "back-ends")
    • Create generic sandbox requirements for MIG agent: filesystem access, network
    • Create a whitelist approach for creating a sandbox profile
    • Decide on sandbox applying flow for MIG agent; what is the flow for a MIG agent to run inside the sandbox (fork, exec, scripts, wrapper calls etc.)
  3. Implementation:
    • Implement minimal sandbox for Linux seccomp using Go
    • (optional) Port/implement sandbox for Mac OS X, Windows
  4. Testing and Evaluation:
    • Measure resource consumption and overhead
    • Validate implementation using existing unit tests
    • Investigate ways of validating sandboxed apps: is an app running correctly when compared to a sandboxed app

Updates

Retrieved from "https://wiki.allizom.org/index.php?title=Security/Automation/Winter_Of_Security_2015/MIG_Agent_Sandboxing&oldid=1099376"