Restricted Function (RF) with pysandbox


My problem is exactly the same as here and here.

I am also using sample2.py for sandboxing the executable produced by this program, test1.c:

 #include<stdio.h>
 int main(){
     puts("Hello World");
     return 0;
 }

I am using the following command to build the executable:

gcc -static test1.c

After this if I do:

ldd a.out

I am getting the output:

not a dynamic executable

However, the result when I run sample2.py is still:

result: RF
cpu: 0ms
mem: 952kB

What exactly am I doing wrong?


There are 2 best solutions below

0
On BEST ANSWER

I changed this:

x86_64=set([0,1,5,8,9,10,11,12,16,25,63,158,219,231])

for this:

x86_64=set([0,1,5,8,9,10,11,12,16,21,25,63,89,158,219,231])

in sample2.py, and it works.

0
On

The RF result code was most likely due to unexpected syscalls for file operations (i.e. SYS_open(), SYS_close(), SYS_stat(), ...). This happens when (1) the target program actually does file operations, and/or when (2) it was dynamically linked and needs to load .so libraries at runtime. Since your target program does not invoke file operations, it belongs to the latter case.

Then, to resolve the RF outcome, either,

statically link the target program to avoid dependencies on shared libraries; or,
extend the policy rules in the wrapper script to handle relevant SYSCALL / SYSRET events;

For statically linking system calls we use system call codes, e.g. 0, 1, 2; 3 - sys_read, 1 - sys_exit, and so on. Go through the link for more details; system call list with codes: http://docs.cs.up.ac.za/programming/asm/derick_tut/syscalls.html

I changed this:

x86_64=set([0,1,5,8,9,10,11,12,16,21,25,63,89,158,219,231])

for this:

x86_64=set([0,1,2,3,4,5,8,9,10,11,12,16,21,25,63,89,158,219,231,])

in sample2.py, and it works.

The modified sample2.py is available in my GitHub repository: https://github.com/palashmaran/libsandbox.git
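
Added example (not part of either answer and not libsandbox code): a small Python check that names the syscall numbers in the three `x86_64=set([...])` allowlists above, reports what each widening newly permits, and finds the first syscall in a trace that would produce RF. The function names, the path-argument flag and the trace are assumptions made for illustration; the trace is constructed, and the numbers use the standard Linux x86_64 syscall table.

```python
# Added example; names below are hypothetical, not from libsandbox's sample2.py.
# Linux x86_64 syscall numbers that appear in the three allowlists on this page.
SYSCALL_NAMES = {
    0: "read", 1: "write", 2: "open", 3: "close", 4: "stat", 5: "fstat",
    8: "lseek", 9: "mmap", 10: "mprotect", 11: "munmap", 12: "brk",
    16: "ioctl", 21: "access", 25: "mremap", 63: "uname", 89: "readlink",
    158: "arch_prctl", 219: "restart_syscall", 231: "exit_group",
}
# Syscalls whose first argument is a filesystem path: worth an argument check.
PATH_SYSCALLS = {"open", "stat", "access", "readlink"}

ORIGINAL = {0, 1, 5, 8, 9, 10, 11, 12, 16, 25, 63, 158, 219, 231}
ANSWER_1 = ORIGINAL | {21, 89}
ANSWER_2 = ANSWER_1 | {2, 3, 4}

# Constructed trace (an assumption): syscalls a static "Hello World" might issue.
# The real sequence depends on the libc version; capture one with strace.
CONSTRUCTED_TRACE = [12, 158, 63, 89, 12, 12, 21, 5, 9, 1, 231]


def first_violation(trace, allowed):
    """Return (index, number, name) of the first syscall outside the allowlist, or None."""
    for i, nr in enumerate(trace):
        if nr not in allowed:
            return i, nr, SYSCALL_NAMES.get(nr, "unknown")
    return None


def allowlist_delta(old, new):
    """Describe what widening the allowlist newly permits, flagging path-taking calls."""
    report = []
    for nr in sorted(new - old):
        name = SYSCALL_NAMES.get(nr, "unknown")
        report.append((nr, name, name in PATH_SYSCALLS))
    return report


if __name__ == "__main__":
    for label, allowed in [("original", ORIGINAL), ("answer 1", ANSWER_1), ("answer 2", ANSWER_2)]:
        hit = first_violation(CONSTRUCTED_TRACE, allowed)
        print(label, "->", "RF at %r" % (hit,) if hit else "no restricted syscall")
    for nr, name, takes_path in allowlist_delta(ORIGINAL, ANSWER_2):
        print("newly allowed: %3d %-9s%s" % (nr, name, "  (path argument)" if takes_path else ""))
```

An allowlist keyed only on the syscall number does not inspect arguments, so each flagged entry (open, stat, access, readlink) is permitted for any path unless the policy also checks the path argument.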