sandbox(1) User Commands sandbox(1)
NAME
sandbox - execute programs in a restricted environment
SYNOPSIS
sandbox -s sandboxname [command]
sandbox [-n] [-l clearance] [command]
DESCRIPTION
The sandbox command can be used to execute programs in a restricted
environment. By default it starts a restricted shell with a reduced
process clearance.
If sandboxname is specified with the -s option, then the command is
started with the process attributes and the home directory associated
with the specified sandbox. Such sandboxes are created by using the
sandboxadm(8) command. Although entering a sandbox is an unprivileged
operation, the calling process must have the appropriate user id and
clearance. For an overview see sandboxing(7).
The remainder of this section applies when sandboxname is not specified.
The sandbox command should be executed in a subdirectory of the
user's home directory which contains no sensitive files.
The restricted shell is started in a new session. By default, it
reduces the current basic privilege set. It drops the proc_info and
proc_session process privileges to prevent access to other programs
running as the user. It sets an extended policy on the proc_exec privilege
to prevent execution of programs unless they are either in the
current directory or under the /usr directory.
If the -n option is specified, it also drops the net_access privilege
to prevent any use of networking.
By default, it lowers the user's process clearance to ADMIN_LOW to prevent
access to labeled files such as those in multilevel ZFS datasets.
Alternatively, the user can specify any label that is dominated by the
user's clearance.
Prior to starting the sandbox, the user may use the setlabel(1) command
to upgrade files and directories in the home directory, so that they
are inaccessible to processes running in the sandbox.
EXAMPLES
Example 1 Running Firefox in a Restricted Environment
~alice:$ cd playground
~alice/playground:$ sandbox firefox
Example 2 Examining the Process Credentials
~alice:$ cd playground
~alice/playground:$ sandbox -n
~alice/playground:$ ppriv $$
103889: /usr/bin/bash --login
flags = PRIV_XPOLICY
Extended policies:
{proc_exec}:/export/home/alice/playground
{proc_exec}:/usr/*
E: basic,!net_access,!proc_exec,!proc_info,!proc_session
I: basic,!net_access,!proc_exec,!proc_info,!proc_session
P: basic,!net_access,!proc_exec,!proc_info,!proc_session
L: all
~alice/playground:$ plabel $$
103889: ADMIN_LOW
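A check a practitioner might run before launching untrusted code in the sandbox, added here as an example and not part of the man page: it parses a ppriv(1) report like the one in Example 2 and confirms that the privileges this page says sandbox drops are absent from the E, I and P sets and that the /usr/* extended proc_exec policy is present. The embedded report is constructed from Example 2; the function and variable names are my own, not part of Solaris.

```shell
# Constructed from Example 2 above; on a live system use: report=$(ppriv $$)
SAMPLE_PPRIV='103889: /usr/bin/bash --login
flags = PRIV_XPOLICY
Extended policies:
        {proc_exec}:/export/home/alice/playground
        {proc_exec}:/usr/*
        E: basic,!net_access,!proc_exec,!proc_info,!proc_session
        I: basic,!net_access,!proc_exec,!proc_info,!proc_session
        P: basic,!net_access,!proc_exec,!proc_info,!proc_session
        L: all'

# privset_has_negated REPORT SET PRIV: succeeds if the SET line (E, I or P)
# of REPORT lists PRIV as removed ("!PRIV").
privset_has_negated() {
    printf '%s\n' "$1" | awk -v pset="$2" -v priv="$3" '
        BEGIN { key = pset ":"; neg = "!" priv }
        $1 == key { n = split($2, p, ","); for (i = 1; i <= n; i++) if (p[i] == neg) found = 1 }
        END { exit found ? 0 : 1 }'
}

# check_sandbox_privs REPORT NET: NET=1 means the sandbox was entered with -n,
# so net_access must be dropped as well. Prints each missing restriction and
# returns the number of problems found (0 means the report matches the man page).
check_sandbox_privs() {
    report=$1
    want="proc_info proc_session proc_exec"
    [ "$2" = 1 ] && want="$want net_access"
    failures=0
    for priv in $want; do
        for pset in E I P; do
            if ! privset_has_negated "$report" "$pset" "$priv"; then
                echo "missing: !$priv in $pset set"
                failures=$((failures + 1))
            fi
        done
    done
    # proc_exec is removed from the sets but granted back by an extended policy;
    # without the /usr/* entry nothing under /usr could be executed at all.
    if ! printf '%s\n' "$report" | grep -q '^[[:space:]]*{proc_exec}:/usr/\*$'; then
        echo "missing: extended proc_exec policy for /usr/*"
        failures=$((failures + 1))
    fi
    return $failures
}

check_sandbox_privs "$SAMPLE_PPRIV" 1 && echo "sandbox restrictions present"
```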
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE        ATTRIBUTE VALUE
Availability          system/file_labeling
SEE ALSO
plabel(1), setlabel(1), privileges(7), sandboxing(7), sandboxadm(8)
HISTORY
The sandbox command was added in Solaris 11.4.0.
Oracle Solaris 11.4 21 Jun 2021 sandbox(1)