Comment by rvz

8 days ago

This is no different to people rolling their own and DIY'ing custom cryptography, which is absolutely not recommended.

The question is how easy is it to bypass these DIY 'sandboxes'?

As long as there is a full OS running, you are one libc function away from a sandbox escape.

2 comments

rvz

Reply
ATechGuy  8 days ago

> As long as there is a full OS running, you are one libc function away from a sandbox escape.

Does this mean, all software in the world is just one function away from escape?

  • sargstuff  8 days ago

    Yup. Technically, just one external reference outside of the sandbox environment from within the sandbox environment ("software stargate portal address to alternate environment" / one evaluated part of the s-expression using a system() reference).

    Running software is insecure the moment the electrical switch is on / start checking out shrodingers box. Although, reverse shrodingers cat might be more accurate. aka can escape the box if someone peaks from outside the box.