Jail and monitor your applications
Seamless Overview

© Lead Image © hywards, 123RF.com
Software from unknown sources always poses some risks. With the strace analysis tool and the Firejail sandbox, you can monitor and isolate unknown applications to safeguard your system.
Malware can occasionally become an issue for Linux users. If you download software package from third-party providers then install them manually rather than relying on a distribution's official standard repositories, you need to trust the provider. If you aren't sure, you can monitor these programs to check which files they open and which network connections they establish. Starting these tests in a sandbox also denies the program access to your physical system and private configuration files. This article looks at strace
as a monitoring tool and Firejail as a sandbox.
Finding Traces
The strace
[1] system call tracer can be used to discover which software accesses which files. As an example, I'll show you how to use strace
to find out which files the passwd
command opens when you change your password.
Open two terminal windows and enter passwd
as a normal user in one window. Do not answer the prompts for the time being. Instead, pop up a second terminal and enter as root:
[...]
Buy this article as PDF
(incl. VAT)