Deprecated - A seccomp sandbox go package used by MIG modules (https://mig.ninja)

Перейти к файлу

Gene Wood f17c831b30 Add deprecation notice		2022-01-12 09:49:28 -08:00
tools	Add MPL license headers and contributor credits	2016-05-09 11:04:40 -07:00
vendor/github.com/seccomp/libseccomp-golang	Fixing vendoring.	2016-01-14 21:14:54 +02:00
CODE_OF_CONDUCT.md	Add Mozilla Code of Conduct file	2019-03-29 10:08:02 -07:00
LICENSE	Add Mozilla Public License v2 to project	2015-12-30 22:18:09 +02:00
Makefile	Add MPL license headers and contributor credits	2016-05-09 11:04:40 -07:00
README.md	Add deprecation notice	2022-01-12 09:49:28 -08:00
sandbox.go	Add MPL license headers and contributor credits	2016-05-09 11:04:40 -07:00
sandbox_linux.go	Merge pull request #13 from mozilla/rewrite_checks	2016-05-09 11:10:32 -07:00
signal_handler.c	Add MPL license headers and contributor credits	2016-05-09 11:04:40 -07:00
signal_handler.h	Add MPL license headers and contributor credits	2016-05-09 11:04:40 -07:00
syscall_mappings.h	Add MPL license headers and contributor credits	2016-05-09 11:04:40 -07:00

README.md

MIG Agent Sandboxing

⚠️ Deprecation Notice ⚠️

Mozilla is no longer maintaining the Mozilla InvestiGator (MIG) project.

Mozilla is also no longer making use of this code internally.

You are welcome to use this code as is with no warranty. Please fork it to continue development.

Overview

This is the MIG Sandbox Project repository. As the name implies, it is a sandbox for the MIG Agent modules.

The implementation is written in Go, in order to be fully compatible with MIG.
Functionality is achieved by applying seccomp filters (Linux) and constructing sandbox profiles for each module to define behavior through whitelisting syscalls.

Dependencies

The following requirements must be met in order to sandbox MIG:

Go v1.5
libseccomp v2
libseccomp go bindings

Links

Official MIG Repository
Mozilla Wiki Page