dmng
is a command line tool (written in Go) that helps you collect
and manage the list of filesystem requirements associated with
programs and scripts. Each requirement is just a path together with
the read (R
), write (W
) and execute (X
) permissions necessary to
use it. The tool currently supports Linux systems.
Why dmng
? Imagine a scenario in which binaries and scripts are
spawned by a web application through subprocesses. These binaries are
trusted by the developer, but may be potentially buggy and cause
damage to the host system. The idea is that the developer wants to
spawn these binaries in sandboxed subprocesses. dmng
helps the
developer in the definition of the least privilege policies tailored
for each binary. So the goal is to simplify and speed up policy
development.
How it works? dmng
leverages strace
and ldd
to monitor the
execution of test cases. For each test case a trace is produced and
stored into a sqlite db. Multiple traces coming from different test
cases are merged in a meaningful way, and are used to automatically
derive a policy template. Each template can be refined by the
developer via CLI (see dmng -e
to see some examples), or accepted as
is. Lastly, each template is serialized into a policy.
Go
version 1.20sqlite3
(you can install it withmake install_binaries
)
Run make
to install the dmng
executable on your system (requires
sudo privileges).
Run dmng -h
to see usage info.
Run dmng -e
to see some examples.
Run make db
to start an interactive DB session.
Install direnv
and run direnv allow
in the project directory.
Change the code and run make
to build dmng
and deploy it system
wide.
Use the tool.
Run make db
to start an interactive db session (to manually inspect
the cache).
Uninstall the tool from the system with make clean
.