We have an embedded system which supports running user plugins for our application. We already have the ability to do this in C with a user’s shared object. However, we don’t want the user to be able to grab any information from the system or do anything they absolutely don’t have to do, such as open files, sockets, and that sort of thing. As such, we have implemented a Linux seccomp filter for the program that is in charge of running plugins. Effectively, the program loads any required resources and files, then removes all syscall permissions such that any attempt to open a file, open a socket, access hardware, and so on will result in SIGKILL.
We are now trying to embed the Python interpreter (using 3.9, though we’re not really hard set on any particular version at the moment) and allow the user to write plugins in Python. However, I can’t find any good way to limit syscalls and such. So far, I have considered just using seccmp, but this will fail when modules are loaded by the plugin. I have also found the auditing API, but it seems very difficult to disallow any opening of files since it also generates and audit event for
open when opening a module file. Additionally, it would require a lot of elbow grease, as there are a huge number of audit events we would like to disallow. Finally, I don’t see any particular details on how to stop something from happening when an audit event is received.
Is there a good way to achieve what we are looking to do using the auditing API? If not, I may look into using something like bubblewrap (albeit custom-designed), but I would rather avoid that if possible.