WEBVTT 00:00.000 --> 00:18.960 All right, hello everyone, my departmental welcome to my talk, Syd: An Introduction to Secure 00:18.960 --> 00:26.320 Application Sandboxing for Linux. Before I start giving you the fish, I'll teach you 00:26.320 --> 00:33.520 how to fish, so we have a CTF game, you can go with SSH or HTTPS, you have a browser or a 00:33.520 --> 00:40.120 server, just go back, try to read the file /etc/CTF, Sydbox is the only layer between 00:40.120 --> 00:45.400 you and that file, if you get to read it there's a prize and we have a git, we get 00:45.400 --> 00:51.320 several extensive documentation in the form of manual pages and mailing list and so on 00:51.320 --> 01:05.320 so, I'll just wait a bit for everyone to take a photo, all right, okay, so let's start a bit 01:05.320 --> 01:11.840 of history because I am and what Exherbo is and how Sydbox happened. I've been a free software 01:11.840 --> 01:17.640 developer for the good part of the last 20 years and I started with Gentoo Linux through 01:17.640 --> 01:23.880 the Gentoo Sunrise project and as some of you may know, Gentoo Linux is a source-based 01:23.880 --> 01:28.320 rolling release distribution, so every user gets to compile their own software on their 01:28.320 --> 01:33.440 own machine, in such a scenario a sandbox is pretty much required to detect package 01:33.440 --> 01:39.160 build mishaps. Here you should be careful, we are saying package build mishaps not malicious 01:39.160 --> 01:46.320 build, it's really easy to get out of the Gentoo sandbox. So Gentoo sandbox, back in the day, 01:46.360 --> 01:51.280 is an LD_PRELOAD based sandbox and it has no network restrictions. LD_PRELOAD 01:51.280 --> 01:56.880 if you don't know is a dynamic hooking mechanism and it can be bypassed by static builds 01:56.880 --> 02:04.320 or directly running the syscall yourself. 
And then Exherbo looks up on around 2008 and it was 02:04.320 --> 02:11.680 started by a group of ex-Gentoo developers with the idea to do Gentoo right. I will not go 02:11.680 --> 02:18.000 deep into Exherbo here but there are two working recommended watches on YouTube by Brian who 02:18.000 --> 02:24.000 started to hold things up. And for that purpose is the importance of Exherbo is 02:24.000 --> 02:30.160 Exherbo unlike Gentoo has package testing on by default, so before you install each package 02:30.160 --> 02:36.640 you get to run their tests on your machine as well. And then I joined Exherbo around 2008 to write 02:36.640 --> 02:44.000 about the sandbox. And Sydbox 1 was the first for stable release back then. It was written 02:44.000 --> 02:50.400 in C and was based on ptrace. And we had network sandboxing before even network namespaces 02:50.400 --> 02:55.200 were now so it was pretty cool. We could restrict builds to loopback interface and we had 02:55.200 --> 03:04.000 XRB to limit execution of binaries. And then Sydbox 1 is stable now and has been and 03:04.000 --> 03:10.960 is still being used as the default sandbox of Exherbo. And over the time I've started doing experiments 03:10.960 --> 03:19.600 and Linux has also made new achievements in terms of sandboxing such as seccomp, Landlock and so on. 03:19.600 --> 03:24.320 And Sydbox 2 was never really released. It was based on my experiments to actually make 03:24.320 --> 03:31.760 Sydbox a security boundary. Security boundary is in both Sydbox 1 and Gentoo sandbox actually 03:32.480 --> 03:37.840 continue the system calls after the access checking the sandbox process and as such they were 03:37.840 --> 03:45.200 very well known to be weak for time of check to time of use attacks. And then Sydbox 3 happened 03:45.200 --> 03:52.080 around two, three years ago I think and it was a complete, I wrote it from scratch in Rust 03:53.040 --> 03:58.960 because it was for me. 
Writing in C was getting really hard and Rust was going to be 03:58.960 --> 04:06.240 a nice choice. So what is Sydbox 3? And I will say Syd when I say Sydbox 3 we decided to 04:06.240 --> 04:12.320 make the Syd slotting the binaries is easier. It's an application kernel to sandbox applications 04:12.320 --> 04:18.560 on Linux. I say the application kernel because Sydbox does not continue the system calls in 04:18.560 --> 04:23.520 the sandbox process rather runs the system calls on their own after the access check and as such 04:23.520 --> 04:28.640 is not vulnerable to time of check to time of use. It's written completely in Rust the only 04:28.640 --> 04:33.440 non-Rust dependency is libseccomp which is widely available everywhere. You can install 04:33.440 --> 04:38.800 it with cargo make sure to pass --locked otherwise you may get dependency issues. Its license 04:38.800 --> 04:45.120 is GPL3 it's forever free. It requires a relatively old-ish Linux version 5.19 and with 04:45.120 --> 04:49.520 configs a computer which is pretty much enabled on every Linux distribution these days. 04:50.240 --> 04:55.920 We have relatively good portability across architectures we test around seven architectures in 04:55.920 --> 05:02.080 our CI and it's relatively minimal work to make Sydbox work on any market architecture given 05:02.080 --> 05:06.640 libseccomp has support for it because in Sydbox there is a lot of little architecture 05:06.640 --> 05:15.200 dependent code. So what is our philosophy? Syd has the idea to make 05:15.200 --> 05:20.640 sandboxing as easy and as accessible as text searching is with grep. You may think that 05:20.640 --> 05:26.960 is not that easy. Syd is also not that easy but once you get to know that you will understand. 05:26.960 --> 05:31.680 So we will be one of the Unix philosophy to do one thing and do it well. 
We do sandboxing 05:31.680 --> 05:36.400 and nothing else because when you do system call interception many fancy features are possible but 05:36.400 --> 05:42.800 no we try to keep it to a minimal and our idea is to give you a simple interface for all the 05:42.800 --> 05:48.000 complex sandboxing mechanisms such as seccomp, Landlock, user namespaces and so on. 05:48.000 --> 05:52.960 These are all brittle and difficult to use but we abstract them out with a simple API and give 05:52.960 --> 05:59.200 this to you. Syd is secure by default with minimal overhead. Secure by default as in you don't 05:59.200 --> 06:04.480 need to read books to start using Syd all options in Syd have the most secure alternatives 06:04.480 --> 06:11.360 selected and if you want to want to disallow things then you need to know and then no extra 06:11.360 --> 06:16.000 privilege is required. This is very important for us. We have no code in Syd that uses 06:16.000 --> 06:21.760 setuid, BPF or Linux kernel modules or any sort of any sort of extra 06:21.760 --> 06:27.040 privileges. You can just drop the binary as a regular user and just run it. As a logical result of 06:27.040 --> 06:32.640 this it can also be used as a login shell for those on the CTF server well already you are running 06:32.640 --> 06:41.120 Syd as a login shell right now. So let's start with our basic features. We do path sandboxing like 06:41.120 --> 06:46.880 AppArmor does not like SELinux does as such we don't label or do inode based. 06:46.880 --> 06:53.200 We do path sandboxing so we have read sandboxing and path masking, path masking means any 06:53.200 --> 06:58.960 action is performed on /dev/null instead of the file itself and we have write sandboxing and 06:58.960 --> 07:05.600 append-only paths. Again this is a nice example Linux does have append-only paths as a file system 07:05.600 --> 07:12.960 like you can change with chattr. 
However this is privileged unlike in Syd which is not privileged. 07:12.960 --> 07:18.480 Again on the CTF server the bash history file is append-only so good luck covering your tracks. 07:20.320 --> 07:24.480 And we have stat sandboxing and path hiding so you can actually change the visibility of 07:24.480 --> 07:30.800 IEL that so it's completely invisible from the process. Here are the files and boxing to contain 07:30.880 --> 07:37.600 AI/ML workloads this is the fancy bit right. But it's not as fancy as in gVisor we do not actually 07:37.600 --> 07:43.120 keep track of all NVIDIA ioctls but we have learning mode so that gets easier. I'll show you in a bit. 07:44.240 --> 07:50.480 We have network sandboxing and we have this and we have support for Unix IPv4 IPv6 netlink and 07:50.480 --> 07:56.640 kernel crypto API sockets and there is some features we have application level firewall and with 07:56.960 --> 08:04.480 IP blocklists. And our category sandboxing categories are similar to those who know about 08:04.480 --> 08:10.000 latch we have refined sandbox categories. I have listed them here like you can say allow 08:10.000 --> 08:17.360 read allow write or so on like you can use all these categories for sandboxing. On top of this 08:17.360 --> 08:23.200 we have execution control and this part depends on ptrace. You can completely disable this part if 08:23.200 --> 08:30.080 you want but it comes with my school days that you may be interested in. As I said it requires 08:30.080 --> 08:35.840 ptrace and we have SegvGuard for those who know grsecurity or who use HardenedBSD even know. 08:35.840 --> 08:41.280 So SegvGuard is an idea to block execution of binaries if they are crashing the P3s. And this is 08:41.280 --> 08:47.920 a nice example where we have two different features of Syd working together. We have a wide range of 08:47.920 --> 08:53.680 trigger signals from grsecurity so you can actually add sandboxing rules to trigger SegvGuard. 
08:53.680 --> 09:00.240 And such here is a simple rule I list of key read plus it is CIDO. If you try with this rule 09:00.240 --> 09:07.600 if you try reading it CIDO 5 times and the binary you try to read will be within I list of SegvGuard. 09:07.600 --> 09:12.000 And then you have Force sandboxing or verified execution to be more exact like we have. 09:12.000 --> 09:16.880 You can verify binaries and library integrity at exec and mmap time. This is like 09:16.880 --> 09:24.080 veriexec of NetBSD or HardenedBSD's Integriforce. Harden we have a longer list of supported 09:24.080 --> 09:30.000 algorithms and again the default is the most secure one you can guess. We have trusted 09:30.000 --> 09:36.080 protection again this is similar to grsecurity and HardenedBSD. This with SegvGuard actually 09:36.080 --> 09:42.080 prevents a lot of attack vectors such as someone, imagine someone confusing you to execute 09:42.080 --> 09:49.600 something under /tmp or such. This prevents that. And we have nice to have like we have a lot of 09:49.600 --> 09:56.960 features I cannot go through all of them here. I'll start going a bit faster. We have sandbox 09:56.960 --> 10:02.240 lock and dynamic configuration. You can do step-by-step configuration in Syd as you do with 10:02.240 --> 10:07.920 pledge you can run multiple pledge calls by taking away the privileges from the process and 10:07.920 --> 10:16.400 you can do the same with Syd. You can configure Syd from Syd. This is the idea. And we set 10:16.400 --> 10:22.160 AT_SECURE auxiliary vector by default like AppArmor does. I think in SELinux you can do this 10:22.160 --> 10:28.800 too. The idea is to prevent all the LD_LIBRARY_PATH, LD_PRELOAD and all those from working. And 10:28.800 --> 10:36.400 another prime feature of Syd is we enforce position independent executables and therefore 10:36.400 --> 10:44.640 ASLR and also a non-executable stack. 
And you can disable based on bitness like you can disable 10:44.640 --> 10:50.400 32-bit binaries or statically linked binaries or dynamic binaries or even scripts. And so on these are 10:50.400 --> 10:55.840 these are all you can also set dynamically as I said. We have a Debian-like fakeroot with 10:55.840 --> 11:01.360 a root/fake option. This one is a small one. First you must be trace/force_umask. 11:02.160 --> 11:07.840 You can actually force a umask to be passed to chmod and all that. So given you have set 11:07.840 --> 11:14.320 trace/force_umask 7177. The sandbox process is not actually going to make anything executable. 11:15.040 --> 11:20.800 trace/deny_dotdot is for path traversals and so on. You must be used in a web server 11:20.800 --> 11:31.920 right to attack them. And as a yes this is our first light last light and as a bonus we have 11:31.920 --> 11:38.240 Landlock. You can use it with Landlock. We provide a nice API for it as well and this way you can 11:38.240 --> 11:45.760 actually make a two-layer sandbox. Proxy sandbox is another one where we put the sandbox process 11:45.760 --> 11:52.400 into a network namespace, bind a port to the loopback, send a port to the outside and then 11:52.400 --> 11:58.000 some pump process does the forwarding. So this way you can completely prevent DNS leaks and so on 11:58.000 --> 12:05.600 that are commonly problematic in Tor usage and such. And we have memory and PID sandboxing 12:05.600 --> 12:12.080 again these are unprivileged. You should and must use control groups when you can but using control 12:12.080 --> 12:16.720 groups typically require an entity to set up the control groups and on the unprivileged entity 12:16.720 --> 12:23.120 using it. So then you don't have them you have these. SafeSetID for safe user and group 12:23.120 --> 12:29.840 civics and so this is typically used in daemons that change user to an unprivileged user. 
This 12:29.840 --> 12:38.320 way you can also make sick change user with it. So this is the idea and we have ghost mode 12:38.320 --> 12:43.920 is a bit of a fancy mode. For those who know seccomp level one we'll understand ghost mode is 12:43.920 --> 12:51.600 where it actually closes the seccomp notify file descriptor and such there it detaches it from the sandbox 12:51.600 --> 12:58.080 process and all hooked syscalls from that point on start to return ENOSYS. This means you can 12:58.080 --> 13:03.040 open your files, open your connections, enter this mode and then it's all the resources you have 13:03.040 --> 13:07.600 you cannot open anything new anymore. So you can have a very confined server this way. 13:08.640 --> 13:14.240 On top of this we have namespaces and containerization and syd-oci which I'm going to give another 13:14.240 --> 13:20.480 talk today. Everyone is invited in containers to have them about this. And finally we have 13:20.480 --> 13:28.960 learning mode with Pandora and that I'm going to display right now hopefully it will work. So let's see 13:29.840 --> 13:37.200 can everyone read what's written here? It's a big thought command line. I will explain to you 13:37.200 --> 13:43.520 don't don't this get. So Pandora profile is what you do actually like you can do Pandora profile 13:43.520 --> 13:49.680 unless and it will give you a file. This is how easy it is but we will actually and it will give you 13:49.680 --> 13:55.200 a profile right. I will show you a bit more about this but let's do Firefox first. 13:55.200 --> 14:00.560 However, Pandora cannot figure out everything about the sandbox process so you have to pass some 14:01.120 --> 14:06.800 options to Syd. And here we pass three options. One of them is allow_unsafe_memory. This is 14:06.800 --> 14:13.520 because Syd by default enables the W^X restrictions memory deny write execute. 
And the 14:13.520 --> 14:18.880 Firefox won't work with that because of just in time compilers and so on. allow_unsafe_libc 14:18.880 --> 14:25.280 is to prevent to actually enable to prevent setting AT_SECURE auxiliary vector, 14:25.280 --> 14:32.480 thereby LD_PRELOAD is usable inside the sandbox process. And Firefox has the LD_PRELOAD sandbox. 14:32.480 --> 14:38.800 This is how they make them use it. And allow_unsafe_filename is Syd by default prevent 14:39.280 --> 14:48.800 prevents shell special characters in your files. However, Mozilla Firefox actually creates 14:48.800 --> 14:54.560 profile names with curly braces so you have to be able to do this as well. And finally, 14:54.560 --> 15:00.640 this filter rate is done to be about this is for filtering out process name changes which we also 15:00.640 --> 15:06.640 prevent because this is typically what your malware does as the first step. So I'm going to go 15:06.640 --> 15:13.920 as a private window to lichess.org now. Let's see, we have Firefox running here just normally. 15:14.480 --> 15:23.360 And let's try to play a game, just real quick, just to show you 3D also works. And I'll try to get 15:23.360 --> 15:30.000 checkmate to 3D quick. Okay, it won't work. I was hoping you five and then could be useful. 15:30.000 --> 15:36.320 But whatever. All right, so 3D is working right. So, so let's actually shut this down now and come 15:36.320 --> 15:41.440 to the fancy part. But I will take a bit to generate the profile. It takes a bit because it 15:41.440 --> 15:46.240 checks some of the binaries and so on and now it's finished. Now let's take a look, quick look at the 15:47.920 --> 15:53.120 at the profile. So these are the options we have passed manually. This is the profile directory. 15:53.680 --> 16:00.400 Path component limit is by default 3. You can make it longer than have bigger profiles and so on. 16:00.400 --> 16:07.600 That's up to you. 
The cache directory, /dev/null and so on. And here we see X access, PulseAudio 16:07.600 --> 16:14.880 access and so on, access to the system bus socket and then we have Firefox. And then we have the 16:16.160 --> 16:21.920 network accesses. And here where it gets a bit fancier, right. And the Pandora does the 16:21.920 --> 16:28.240 needful to reverse DNS, so you get a comment. And here we have all the connections that 16:28.240 --> 16:34.240 it did. And even we are in private to use a private mode and only going to Lichess somehow. 16:34.240 --> 16:39.680 It's still access to Google. I don't know why. But the more you just see the more you understand 16:39.680 --> 16:46.560 everyone is tracking you, even if they say they don't. Anyhow, I'll scroll a bit down to be fast. 16:47.520 --> 16:54.240 These are all the libraries and so on. I should show you the ioctl. Here is the ioctl request 16:54.240 --> 17:01.680 that are actually done by Firefox. These are mostly DRM requests and these are also 3D acceleration 17:01.680 --> 17:09.600 and so on. Finally, we have executable verification where you have detections of all the binaries 17:09.600 --> 17:16.080 and libraries included that Firefox type execute and these are all listed here. All right. 17:16.160 --> 17:22.240 I will not do any changes to this file and I will just try to execute Firefox with this now. 17:22.240 --> 17:29.280 And this is now running in in first mode and Syd is using this profile. Now I'll try to go to 17:29.280 --> 17:38.720 Lichess and as you can see it just works. But if I try to go to some other website, it's not going 17:38.720 --> 17:45.520 to work. So you can have a profile that just goes to one site like or you can also do some kind of 17:45.520 --> 17:51.040 kid mode or whatever and you just make it complete playing a game still works. 17:53.680 --> 17:56.880 Hopefully, yeah. OK, let's try it and checkmate again. 17:58.080 --> 18:07.840 No, I'm not lucky today. 
Anyway, this is all I have to show. And yes, thank you everyone for listening. 18:08.080 --> 18:09.120 I can take questions. 18:29.040 --> 18:32.480 OK, that's a big question. It looks one more GPL2. 18:33.440 --> 18:39.440 I should repeat the question. Why is it GPL3? Because all right. 18:39.440 --> 18:45.520 It's not as long as GPL2, we upgraded it to GPL3 and GPL as far as I know is the only 18:45.520 --> 18:54.640 only license tested in court, like real life use it. So that's the only license that I trust. 18:54.640 --> 19:00.160 But I'm not to have angelic licenses to be honest, but test one, that's free and that's tested in court. 19:02.480 --> 19:09.760 We have one question from the Matrix channel. What operating system is best to build this 19:09.760 --> 19:17.600 on and what are your requirements? OK. Yes, it's still only works on Linux because it depends on 19:17.600 --> 19:25.280 seccomp, but architecture-wise you can run it on any architecture 32 bit 64 bit is fine. Apart from that, 19:25.280 --> 19:31.120 Syd by default only needs seccomp. And this is by default enabled in almost every kernel. 19:31.120 --> 19:36.000 You don't need to enable anything. If you need to enable Landlock, then you need to enable 19:36.000 --> 19:41.200 config Landlock and add landlock to CONFIG_LSM. That's only need to get it set up there. 19:42.800 --> 19:48.880 Yes, please. Do you have any docs where I could start reading and start to get interested? 19:49.600 --> 19:55.600 Yes, go to man.exherbolinux.org. You can also get them installed. I should have the 19:55.600 --> 19:59.680 piece of the question here. Where can I learn more about Syd was the question? I'm sorry, 19:59.680 --> 20:07.680 this is my first talk. We have extensive manual pages and they're also converted to HTML. So 20:07.680 --> 20:14.000 just go to man.exherbolinux.org. Start with syd(7) and syd(2) manual pages. 
20:14.000 --> 20:19.440 You learn a lot and just come over. I'll see you and ask if you want. Yes, please. 20:20.400 --> 20:29.680 Do I have performance numbers? I do have performance numbers. It's on in the Git tree benchmark 20:29.680 --> 20:35.120 directory, you can check them out, but the typically Syd comes with 10 to 15 percent overhead. 20:37.120 --> 20:42.480 We have also one follow-up question on the Matrix about the requirements that like the 20:42.480 --> 20:47.200 mask moon was trying to run at them that they didn't work for. 20:47.200 --> 20:52.880 If you can follow-up on the Matrix. All right, all right. I'll do that. I'll do that. Oh, sure, sure. 20:52.880 --> 20:54.880 Any other questions in the audience here? 20:57.040 --> 20:57.760 Yes, please. 20:59.760 --> 21:03.600 The profile is established. Yes. Yes, of course. 21:03.600 --> 21:12.640 Exactly. You can just delete the Google there and just run Syd like that and it will. It's 21:12.640 --> 21:17.040 only able to access Google anymore. It says something out of generated. I want to show you learning 21:17.040 --> 21:22.160 what makes this very easy, but you can do whatever you want with the profile. It's just a text-based profile. 21:30.560 --> 21:31.040 Yes, please. 21:34.400 --> 21:41.200 There is no kernel component. Yes. Does it work? 21:41.200 --> 21:45.360 Quantity and user space is the question. Yes, it is just a simple 21:45.360 --> 21:49.360 Unix tool. You don't need setuid. You don't need to be here. If you don't need that, 21:50.160 --> 21:54.880 and everything works as an unprivileged user, so you don't need anything for this. 21:58.880 --> 22:01.600 Any other questions? Yes, please? 22:04.480 --> 22:15.200 Yes, yes. Yes, of course. Let me repeat the question. I'm wrong. 22:16.960 --> 22:22.000 About the dynamic configuration, the question is how to do that, actually. It's really easy, 22:22.000 --> 22:28.960 and you can do it with the shelters. 
The idea is to make stat requests under the virtual path /dev/syd. 22:28.960 --> 22:35.280 So you do /dev/syd, allow it, it is easy, for example, and you stat this path. And stat-ing means 22:35.280 --> 22:40.880 test-minacy, for example, in your shell or anything you can use. You can use shells. We also have 22:40.880 --> 22:47.520 libsyd, you can use for this for the API. But it's pretty easy, and this is what we use in 22:47.520 --> 22:54.480 Exherbo. We use computer utilities for this. Yes, what you see any advantage in running 22:54.480 --> 23:00.160 Syd in a containerized environment for software that is happening in the cloud. 23:00.160 --> 23:09.680 Okay, if you're underpitting the question, if you see this, is a good idea to run in containerized environments. 23:09.680 --> 23:15.280 This is more of a question for the next talk that I'm going to display that. And the answer is yes, 23:15.280 --> 23:19.920 you can just use Syd, it's just a general purpose sandbox. You can use it with containers or not. 23:20.480 --> 23:25.360 So yeah, the short answer is yes, the long answer is you're welcome to the next talk. 23:33.840 --> 23:35.840 Thank you.