Jail and monitor your applications

Seamless Overview

© Lead Image © hywards, 123RF.com

© Lead Image © hywards, 123RF.com

Article from Issue 281/2024
Author(s):

Software from unknown sources always poses some risks. With the strace analysis tool and the Firejail sandbox, you can monitor and isolate unknown applications to safeguard your system.

Malware can occasionally become an issue for Linux users. If you download software package from third-party providers then install them manually rather than relying on a distribution's official standard repositories, you need to trust the provider. If you aren't sure, you can monitor these programs to check which files they open and which network connections they establish. Starting these tests in a sandbox also denies the program access to your physical system and private configuration files. This article looks at strace as a monitoring tool and Firejail as a sandbox.

Finding Traces

The strace [1] system call tracer can be used to discover which software accesses which files. As an example, I'll show you how to use strace to find out which files the passwd command opens when you change your password.

Open two terminal windows and enter passwd as a normal user in one window. Do not answer the prompts for the time being. Instead, pop up a second terminal and enter as root:

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Firejail

    Firejail enhances security by isolating programs and processes in separate jails and thus regulating access to the filesystem.

    more »
  • Command Line – Firejail

    Firejail makes sandboxing as easy as typing eight letters in front of a command.

    more »
  • Laptop Security

    Linux is quite secure compared to the alternatives, but you'll need a few additional steps if you really want to lock it down. We'll introduce you to some practical tools for antivirus protection, firewall configuration, and sandboxing.

    more »
  • strace

    Get started with strace by examining a pair of "Hello World" programs. Next month, in the second part of this two-part series, I'll take a deeper look at strace output.

    more »
  • Practical strace

    After "Hello World," you really need to look at system calls in more detail. In this second of two articles, we'll look at debugging in the real world.

    more »
comments powered by Disqus