BS - Computer Science

Linux Kernel Sandbox

Linux Kernel Sandbox

  I cannot make this system publicly available, but may be able to possibly provide the code upon request.

  Sandboxing in cybersecurity is where different parts of a system are isolated from each other to prevent malware that has infected one part of a system from reaching another. This system involves a deep modification of the Linux kernel to apply such a system.

  This system creates system calls that allows the root user to block and unblock any process from calling any other system call. So if you wanted to block an application from making the "unmount" system call and you had my system installed, you'd call something like "sudo sandbox_process <process id> <system call id>" and that application would not be able to utilize "unmount" even if it had root privileges.

  This project required a deep understanding of the Linux operating system and required deep modification of where system calls enter the kernel. This cannot done as a modular addition like most modifications to the Linux OS and needed deep changes for it to function. This shows my familiarity with Linux and the underlying functions of operating systems.

Create your website for free! This website was made with Webnode. Create your own for free today! Get started