- naming: pkgfile mbox || echo looks like a good name
- support: sorry, I don't have Mac or Windows.
$ mbox -- git checkout file
(I don't have pkgfile but I think the above command would echo the string). I do understand that naming a program is getting harder every day, but mbox is a really famous format, the de facto standard for storing e-mails. Please consider a different name for your impressive program.
So far mbox is pretty awesome. Installed a bunch of rootless memory scrapers with a regular user account to see what it can do. Another, ephemeral sandbox I use is PrivExec http://www.onarlioglu.com/privexec/
I'd like to ask, are there any caveats?
Next time try google/duckduckgo/bing instead of the narrowest tool you can think of. ;)
This is a cool idea.
Stop executing pid=20987: It's not allowed to call mmap on 0x400000
./mbox -- wget google.com
Stop executing pid=14629: It's not allowed to call mmap on 0x400000
Linux colossus 3.12.9-2-ARCH #1 SMP PREEMPT Fri Jan 31 10:22:54 CET 2014 x86_64 GNU/Linux
I wonder how hard it would be to port it to dtrace (also dtrace would defeat the not needing root requirement).
Although Macs already include a sandbox, I find it everything but intuitive to use. It's already ridiculously complicated to set up. See ironfox as a reference, since you have to allow all sorts of Mach port process execution, pasteboard Mach port access, etc.
check this app, which is allowed to play music and access the clipboard, but not access the internet. 
Alternatively they could use unshare and aufs to overlay another filesystem on top of a read-only root.
The benefit mbox has over unshare+aufs is that mbox doesn't require root privileges.
apt-cache search mbox | wc -l
$ apt-cache search mbox | tail -1
libetpan16 - mail handling library
search regex... search performs a full text search on all available
package lists for the POSIX regex pattern given, see regex(7). It
searches the package names and the descriptions for an occurrence of the
regular expression and prints out the package name and the short
description, including virtual package names.(...) if --names-only is
given then the long description is not searched, only the package name
Interestingly, aptitude search and apt-cache search --names-only don't give quite the same results on my box (apart from the fact that aptitude also lists 32-bit "i386" packages). But they're almost the same.
As for the names:
$ aptitude search mbox|grep -v i386 -c
$ aptitude search mbox|tail -1
p yahoo2mbox - Retrieve and store Yahoo! Groups messages
A Solaris / OpenSolaris / Illumos analogy is to compare running a process in a new Zone (which is like a FreeBSD Jail or a Linux LXC/OpenVZ container), versus running a process in an existing Zone but using ppriv(1) to selectively drop privileges usually given to processes by default, such as network access, file read/write, exec, etc. One is in what looks like its own OS instance, while the other is in the parent OS instance but sandboxed. The analogy isn't quite complete because the ppriv(1) approach doesn't lie to processes that try to violate the permissions like Mbox does; instead it just denies their attempts to do something that violates policy (such as opening a file). So, it might cause sandboxed processes to crash, rather than letting them complete with faked completion.
Actually, this is really a good idea. I hadn't realized that non-root users can't start their own Docker images, which I think could be a killer application. Perhaps if the overhead from something like Mbox is low enough, this could be feasible. As it is, I'm not sure I'm willing to fork over the extra ~20% overhead, just to have my applications running in a sandbox, but this could be a good method to distribute complete environments.
Read this https://github.com/dotcloud/docker/issues/1369
> Why 20% on tar? Just rewriting path arguments doesn't seem to be demanding work.
Is most of that the overhead from syscalls being filtered by seccomp/BPF?
I wonder if there's value in creating a library for intercepting filesystem operations via ptrace...
It uses ptrace and seccomp-bpf.
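To make the two policy styles discussed above concrete (the ppriv-like "deny and return an error" approach, versus mbox's "lie and fake completion" approach), here is a small added example that is not mbox's code and not from anyone in this thread. It installs a hypothetical seccomp-bpf policy that allows every syscall except mkdirat(2), which gets EPERM straight from the kernel, and pairs it with a tiny userspace interpreter for the three cBPF instruction forms the policy uses so the program can be checked on synthetic seccomp_data before it is loaded. The policy name, the directory name and the interpreter are all invented for illustration. What it deliberately does not do is the ptrace half of mbox's design: a plain seccomp filter cannot read or rewrite pointer arguments, so it can only refuse; handing the syscall to a tracer (SECCOMP_RET_TRACE plus PTRACE_O_TRACESECCOMP) is what makes path rewriting and faked success possible, and is also where the per-syscall overhead comes from.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Older kernel headers predate SECCOMP_RET_KILL_PROCESS (Linux 4.14). */
#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif

/* Syscall numbers are per-architecture, so the filter pins the arch before
   it trusts seccomp_data.nr. Add an entry here for other CPUs. */
#if defined(__x86_64__)
#define EXAMPLE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define EXAMPLE_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Hypothetical policy: allow everything except mkdirat(2), which fails with
   EPERM without ever reaching the VFS. Deny-style, like ppriv; no faking. */
static struct sock_filter deny_mkdirat_prog[] = {
    /* 0: A = arch; 1: if A == EXAMPLE_ARCH skip over the kill at 2 */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, EXAMPLE_ARCH, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
    /* 3: A = nr; 4: mkdirat -> 5 (errno), anything else -> 6 (allow) */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_mkdirat, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};
#define DENY_MKDIRAT_LEN (sizeof deny_mkdirat_prog / sizeof deny_mkdirat_prog[0])

/* Minimal userspace interpreter for the cBPF forms used above (LD|W|ABS,
   JMP|JEQ|K, RET|K). It exists only to check the policy on synthetic input;
   in the kernel the real BPF engine runs the program on every syscall entry. */
uint32_t eval_filter(const struct sock_filter *prog, size_t len,
                     const struct seccomp_data *d)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        const struct sock_filter *in = &prog[pc];
        switch (in->code) {
        case BPF_LD | BPF_W | BPF_ABS:
            if (in->k + sizeof acc > sizeof *d)
                return SECCOMP_RET_KILL_PROCESS;   /* out-of-bounds load */
            memcpy(&acc, (const char *)d + in->k, sizeof acc);
            break;
        case BPF_JMP | BPF_JEQ | BPF_K:
            /* target is pc + 1 + jt/jf; the loop increment supplies the +1 */
            pc += (acc == in->k) ? in->jt : in->jf;
            break;
        case BPF_RET | BPF_K:
            return in->k;
        default:
            return SECCOMP_RET_KILL_PROCESS;       /* opcode not modelled */
        }
    }
    return SECCOMP_RET_KILL_PROCESS;               /* ran off the end */
}

/* What the policy decides for syscall number nr on architecture arch. */
uint32_t decide(int nr, uint32_t arch)
{
    struct seccomp_data d;
    memset(&d, 0, sizeof d);
    d.nr = nr;
    d.arch = arch;
    return eval_filter(deny_mkdirat_prog, DENY_MKDIRAT_LEN, &d);
}

/* Load the policy into the calling process; 0 on success, -1 with errno. */
int install_deny_mkdirat(void)
{
    struct sock_fprog fprog = {
        .len = (unsigned short)DENY_MKDIRAT_LEN,
        .filter = deny_mkdirat_prog,
    };
    /* Unprivileged callers must first give up gaining privileges through
       setuid exec, otherwise the kernel refuses to load a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

int main(void)
{
    if (install_deny_mkdirat() != 0) {
        perror("seccomp");
        return 1;
    }
    /* The directory is never created: the kernel answers EPERM directly. */
    if (mkdirat(AT_FDCWD, "seccomp-example-dir", 0755) == -1)
        printf("mkdirat denied: %s\n", strerror(errno));
    printf("getpid still allowed: %ld\n", (long)getpid());
    return 0;
}
```

Build with `cc -Wall -o seccomp_demo seccomp_demo.c` on Linux and run it as an unprivileged user; the mkdirat call reports "Operation not permitted" while getpid proceeds normally. Note that a program denied this way sees an error and may well abort, which is exactly the crash-versus-faked-completion trade-off the Zone/ppriv comparison above describes.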
Too bad both the deb link and makefile are broken.
post clone update: no i686 support.