General sandbox specs?

[Lars Hallberg]

This is something I been wondering about sens the birth usermode linux.

Would it be possable to build a sandbox, wher it is safe to download and 
run untrusted binarys?

Would it be possable to give these binarys X, sound etc access?

Net access wold defenetivly open up for trojans partisipating in 
distibuted atacs, but can the sandbox be firewalled enuff and 
automaticly monitored to make thes things hard. Some signing and trust 
handling for different 'capabillitys' might be an option.

For this to be real useful ther have to be some standarda.

* For the sandbox itself, what libs etc is avalible. Possably a 
'dependency' standard wher each pakage can tell what they need - then 
the underlaying distro can be asked if these dependencys exists and 
possably offer to automaticly install dem.

* For the pakeging of binarys to run in the sandbox. Preferably a 
tarball and an standalone XML file describing the dependencis and needed 
capabilitys, so only the XML file need to be downloded befor it is 
possably to decide if all dependencis i fullfilld an if the pakage can 
be allowed needed capabillitys.

Possably also source pakages, that will be both built an run in the 
sandbox. To my knowladge mono is not a sandbox in it self, so pakaging 
mono apps for the sandbox might also be a god thing.

Handling dependencys to other 'untrusted' pakages that need to be 
installed in the same sandbox might be a good idé. Pobably best by 
including an URI for that other pakage.

I have only fought of linux so far, but I guess this is expandable to 
some other unix systems.

But the first question is, is it att all possably, ind if, hove is it 
best done, and hove much effort is needed?

I ask her becose i think freedesktop would be a good place for thes spec 
if it is doable and if ther are som people intressted in pulling it of.

/LaH