Not really having anything specific to do yesterday, I chose to have a bit of fun with sandbox.
I ended up installing a completely clean Ubuntu 10.10 in a VM with just an ssh server running.
I then installed sandbox from my PPA and appended the following line to my /etc/ssh/sshd_config:
ForceCommand sudo /usr/bin/sandbox -c "$SSH_ORIGINAL_COMMAND"
And this one to /etc/sudoers:
ALL ALL=NOPASSWD: /usr/bin/sandbox
Then restarted sshd.
The result is that any incoming ssh connection is sent to its own sandbox with no direct access to the disk, no network available, and no way to see other users’ processes.
Connecting twice over SSH will give you two shells which won’t be able to see each other.
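As an added example (not code from the original post or from the sandbox project), here is a small POSIX shell script that parses sudoers-style lines like the one above and flags entries whose user specification is ALL, i.e. entries that hand the command to every account on the system. It also shows what a group-scoped variant of the same rule looks like; the group name `sandboxed` is an assumption for illustration, not something the post specifies. The parser handles the simple one-command form of a sudoers line only (no aliases, no command lists).

```shell
#!/bin/sh
# Added example, not from the original post: audit sudoers-style lines for
# entries granted to every user (user spec "ALL"), as in
#   ALL ALL=NOPASSWD: /usr/bin/sandbox
# Assumes a POSIX shell (dash/bash) and the simple "user host=(runas) TAG: cmd" form.

# Constructed sample sudoers content used for the demonstration below.
SAMPLE_SUDOERS='root ALL=(ALL) ALL
ALL ALL=NOPASSWD: /usr/bin/sandbox
%sandboxed ALL=(root) NOPASSWD: /usr/bin/sandbox
# comment line
alice ALL=(ALL) ALL'

# describe_sudoers_line LINE
# Prints the parsed fields: user, host, runas, whether NOPASSWD is set, command.
# When no "(runas)" part is present sudo defaults to root, so we report root.
describe_sudoers_line() {
    line=$1
    user_spec=${line%% *}
    rest=${line#* }
    host=${rest%%=*}
    cmdspec=${rest#*=}
    case "$cmdspec" in
        '('*)
            runas=${cmdspec%%\)*}
            runas=${runas#\(}
            cmdspec=${cmdspec#*\)}
            cmdspec=${cmdspec# }
            ;;
        *) runas=root ;;
    esac
    case "$cmdspec" in
        NOPASSWD:*) nopasswd=yes; cmdspec=${cmdspec#NOPASSWD: } ;;
        *) nopasswd=no ;;
    esac
    echo "user=$user_spec host=$host runas=$runas nopasswd=$nopasswd cmd=$cmdspec"
}

# audit_sudoers_line LINE
# Prints "skip" for blank/comment/Defaults lines, "broad" when the user spec
# is ALL (every account gets the rule), "scoped" otherwise.
audit_sudoers_line() {
    line=$1
    case "$line" in
        ''|'#'*|Defaults*) echo skip; return 0 ;;
    esac
    user_spec=${line%% *}
    if [ "$user_spec" = "ALL" ]; then
        echo broad
    else
        echo scoped
    fi
}

# count_broad_entries TEXT
# Counts the lines in TEXT that audit_sudoers_line classifies as "broad".
# A here-document is used instead of a pipe so the counter survives the loop.
count_broad_entries() {
    count=0
    while IFS= read -r l; do
        if [ "$(audit_sudoers_line "$l")" = broad ]; then
            count=$((count + 1))
        fi
    done <<EOF
$1
EOF
    echo "$count"
}

# scoped_sudoers_entry GROUP
# Builds a rule that grants /usr/bin/sandbox (as root, without a password)
# only to members of GROUP instead of to every user. Hypothetical variant.
scoped_sudoers_entry() {
    echo "%$1 ALL=(root) NOPASSWD: /usr/bin/sandbox"
}

# Stand-alone run: report every broad entry in the sample and show a scoped rule.
printf '%s\n' "$SAMPLE_SUDOERS" | while IFS= read -r l; do
    if [ "$(audit_sudoers_line "$l")" = broad ]; then
        echo "BROAD: $(describe_sudoers_line "$l")"
    fi
done
echo "broad entries: $(count_broad_entries "$SAMPLE_SUDOERS")"
echo "scoped alternative: $(scoped_sudoers_entry sandboxed)"
```

Run with `sh audit_sudoers.sh`; it reports the `ALL ALL=NOPASSWD: /usr/bin/sandbox` line as the only broad entry in the constructed sample and prints the group-scoped form alongside it.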
Um, that is a *VERY* insecure sudo configuration. It allows any user to run any command as any other user (inc root) without a password.
Indeed, the sudoers config was a bit insecure, I updated the example so people reading the post won’t do it on their machine without having a specific use for it.
In my case (my VM), it wasn’t as much of a problem as only SSH access was allowed and anyone connecting was forced into a container.
So they indeed were granted root access in their container but couldn’t modify anything on the “host” unless they have some non-ssh access.
Anyway, thanks for reporting it.
> I then installed _sandbox_ from my PPA