FreeBSD Sandbox

Top-level Files of tip
Login

Files in the top-level directory from the latest check-in


FreeBSD Sandbox

A simple sandboxing script for FreeBSD using chroot, allowing you to run untrusted scripts or binaries on your system while limiting the attack surface. Based on my sandbox for Linux script. Note that the primary goal is to prevent access to your home directory, not to secure against all possible attacks.

Features

Installation

Copy the sandbox.sh script into your path, e.g. ~/bin or /usr/local/bin. The sudo package is required.

Usage

Simply cd into a directory you want and then run sandbox.sh. You can also pass a command to run as arguments, e.g. sandbox.sh firefox https://freebsd.org

To install packages into the sandbox, create a file called pkg.packages with one package per line.

Use cases

Limitations

Contact

Toby Kurien