Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

How can I limit the size of an SELinux Sandbox's home directory?

I've recently been experimenting and playing with SELinux sandboxes, and they are a great tool for things like safe code evaluation (think sites like tryruby.org and tryclj.com).

I was wondering if it's possible to limit the maximum size of a sandbox's home directory. I know that it's possible to limit CPU usage and RAM usage in /etc/sysconfig/sandbox. man selinux.conf doesn't seem to show any such variables to tweak for disk size. Would this involve making a policy and using that instead of sandbox_x_t?

Thanks.

click to hide/show revision 2
Made the underscores show in the type name.

How can I limit the size of an SELinux Sandbox's home directory?

I've recently been experimenting and playing with SELinux sandboxes, and they are a great tool for things like safe code evaluation (think sites like tryruby.org and tryclj.com).

I was wondering if it's possible to limit the maximum size of a sandbox's home directory. I know that it's possible to limit CPU usage and RAM usage in /etc/sysconfig/sandbox. man selinux.conf doesn't seem to show any such variables to tweak for disk size. Would this involve making a policy and using that instead of sandbox_x_t?

Thanks.