programs: sandboxer: allow disable net access

2024-02-08 21:07:34 +00:00 · 2024-02-08 21:07:34 +00:00 · bc85169e3d
commit bc85169e3d
parent 7b9b3344a0
3 changed files with 36 additions and 14 deletions
--- a/modules/programs/default.nix
+++ b/modules/programs/default.nix
@ -54,7 +54,14 @@ let
            whitelistPwd
            wrapperType
          ;
-          vpn = if net == "vpn" then vpn else null;
+          netDev = if net == "vpn" then
+            vpn.bridgeDevice
+          else
+            net;
+          dns = if net == "vpn" then
+            vpn.dns
+          else
+            null;
          allowedHomePaths = builtins.attrNames fs ++ builtins.attrNames persist.byPath ++ sandbox.extraHomePaths ++ [
            ".config/mimeo"  #< TODO: required, until i fully integrate xdg-open into sandboxing. else, `xdg-open https://...` inifinite-loops.
          ];
@ -214,12 +221,13 @@ let
        '';
      };
      net = mkOption {
-        type = types.enum [ "clearnet" "vpn" ];
+        type = types.enum [ null "clearnet" "vpn" ];
        default = "clearnet";
        description = ''
          how this app should have its network traffic routed.
-          - "clearnet" for unsandboxed network.
-          - "vpn" to route all traffic over the default VPN.
+          - "clearnet": for unsandboxed network.
+          - "vpn": to route all traffic over the default VPN.
+          - null: to maximally isolate from the network.
        '';
      };
      sandbox.method = mkOption {
--- a/modules/programs/make-sandboxed.nix
+++ b/modules/programs/make-sandboxed.nix
@ -229,7 +229,7 @@ let
    };
  });

-  make-sandboxed = { pkgName, package, method, wrapperType, vpn ? null, allowedHomePaths ? [], allowedRootPaths ? [], autodetectCliPaths ? null, binMap ? {}, capabilities ? [], embedProfile ? false, embedSandboxer ? false, extraConfig ? [], whitelistPwd ? false }@args:
+  make-sandboxed = { pkgName, package, method, wrapperType, netDev ? null, dns ? null, allowedHomePaths ? [], allowedRootPaths ? [], autodetectCliPaths ? null, binMap ? {}, capabilities ? [], embedProfile ? false, embedSandboxer ? false, extraConfig ? [], whitelistPwd ? false }@args:
  let
    unsandboxed = package;
    sane-sandboxed' = if embedSandboxer then
@ -253,22 +253,25 @@ let

    capabilityFlags = lib.flatten (builtins.map (c: [ "--sane-sandbox-cap" c ]) capabilities);

-    vpnItems = [
+    netItems = lib.optionals (netDev != null) [
      "--sane-sandbox-net"
-      vpn.bridgeDevice
-    ] ++ lib.flatten (builtins.map (addr: [
-      "--sane-sandbox-dns"
-      addr
-    ]) vpn.dns);
+      netDev
+    ] ++ lib.optionals (dns != null) (
+      lib.flatten (builtins.map
+        (addr: [ "--sane-sandbox-dns" addr ])
+        dns
+      )
+    );

    sandboxFlags = [
      "--sane-sandbox-method" method
-    ] ++ allowPaths allowedRootPaths
+    ]
+      ++ netItems
+      ++ allowPaths allowedRootPaths
      ++ allowHomePaths allowedHomePaths
      ++ capabilityFlags
      ++ lib.optionals (autodetectCliPaths != null) [ "--sane-sandbox-autodetect" autodetectCliPaths ]
      ++ lib.optionals whitelistPwd [ "--sane-sandbox-add-pwd" ]
-      ++ lib.optionals (vpn != null) vpnItems
      ++ extraConfig;

    sandboxProfilesPkg = writeTextFile {
--- a/modules/programs/sane-sandboxed
+++ b/modules/programs/sane-sandboxed
@ -286,6 +286,11 @@ bwrapIngestPath() {
  # test -r "$1" && bwrapFlags+=("--dev-bind-try" "$1" "$1")
  bwrapFlags+=("--dev-bind-try" "$1" "$1")
 }
+bwrapIngestNet() {
+  debug "bwrapIngestNet: enabling full net access for '$1' because don't know how to restrict it more narrowly"
+  # N.B.: `--share-net` will override any earlier call to `--unshare-net`
+  bwrapFlags+=("--share-net")
+}
 bwrapIngestProfile() {
  debug "bwrapIngestProfile: stubbed"
 }
@ -296,7 +301,7 @@ bwrapIngestCapability() {

 bwrapExec() {
  PATH="$PATH:@bubblewrap@/bin" exec \
-    bwrap --dev /dev --proc /proc --tmpfs /tmp "${bwrapFlags[@]}" -- \
+    bwrap --unshare-net --dev /dev --proc /proc --tmpfs /tmp "${bwrapFlags[@]}" -- \
    "${cliArgs[@]}"
 }

@ -340,6 +345,9 @@ landlockIngestPath() {
    fi
  fi
 }
+landlockIngestNet() {
+  debug "landlockIngestNet: '$1': stubbed (landlock network is always unrestricted)"
+}
 landlockIngestProfile() {
  debug "landlockIngestProfile: stubbed"
 }
@ -367,6 +375,9 @@ capshonlySetup() {
 capshonlyIngestPath() {
  debug "capshonlyIngestPath: stubbed"
 }
+capshonlyIngestNet() {
+  debug "capshonlyIngestNet: '$1': stubbed (capsh network is always unrestricted)"
+}
 capshonlyIngestProfile() {
  debug "capshonlyIngestProfile: stubbed"
 }