View Full Version : virt-sandbox
22nd April 2012, 05:11 PM
I tend to open pdf and chm type files alot
I want if someone opens those type a file that the program to run on virt-sandbox automatically.
Can someone help?
thanks in advance.
22nd April 2012, 05:35 PM
If you have "policycoreutils-sandbox" installed then something like this should work for pdfs:
alias evince="sandbox -X -t sandbox_web_t evince"
You can change the sanbox type from web to one of the other 3-4 available and add window size if so desired.
Hope this helps,
22nd April 2012, 06:26 PM
thanks for your help. But doesn't sandbox_web_t allow web access?
I dont want evince files to access the web because It might contain malicious code..
22nd April 2012, 06:56 PM
Yes it does allow web access on port 80 and 443 I think. Here is a list of sandbox predefined types:
Policy defines the following types for use with the -t:
Of course you can create your own type also or set MCS/MLS level for s sandbox and alternate directories.
EDIT: I should mention that it allows for internet access but still has a chroot environment.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.