Cordon - Safer Execution for Untrusted Linux Programs

Overview

• Cordon is a lightweight, per-execution filesystem sandbox for Linux.

• It allows users to run any command inside a restricted filesystem view without modifying system-wide permissions, installing permanent policies, or relying on heavy virtualization tools.

• Cordon enforces security by controlling what a program can see and modify during execution. When the process exits, the sandbox is removed entirely, leaving no persistent changes to the system.

Problem

On most Linux systems, applications inherit full read and write access to the user’s home directory and filesystem.

When users run commands such as:

• AppImages

• GitHub release binaries

• pip install / npm install / .sh installation files

• Third-party scripts

those programs execute with the same permissions as the user.

Many package managers execute arbitrary post-install scripts. A malicious or compromised package can:

• Delete important files

• Modify source code silently

• Overwrite configuration files

• Tamper with unrelated directories

• Exfiltrate sensitive data

This creates a usability-security gap. Developers frequently run untrusted code during installation, yet lack a simple way to contain its impact.

Limitations of Existing Solutions:

Existing sandboxing approaches are often impractical for quick, per-run usage:

• Virtual machines are heavy and slow.

• Containers require workflow changes and setup overhead.

• Flatpak requires repackaging applications.

• SELinux and AppArmor demand complex policy configuration.

• System-wide sandboxing tools are excessive for one-off commands.

• As a result, users must either trust software blindly or avoid running it entirely.

Solution

Cordon provides per-run filesystem isolation using Linux namespaces.

Instead of detecting malicious behavior, Cordon reduces risk by restricting filesystem visibility.

When a command is launched through Cordon: cordon run -- npm install

Cordon creates an isolated mount namespace and exposes only explicitly allowed directories. Within this environment:

• Essential system directories are mounted read-only.

• A selected project directory can be writable.

• Sensitive subdirectories (such as /src) can be protected as read-only.

• All other paths are hidden or inaccessible.

• Network access can optionally be disabled.

If the application attempts to modify protected locations or access hidden paths, the operation fails safely and is logged.

When execution completes, the sandbox environment is removed completely.

What Cordon Provides:

• Per-run filesystem isolation

• Protection for sensitive project directories

• Safer execution of untrusted install scripts

• Minimal overhead compared to containers or virtual machines

• No system-wide configuration changes

• No root privileges required

• Clear logging of all access attempts, to let user monitor the program.

• A simple, developer-focused CLI interface

Cordon integrates into existing workflows without requiring changes to development practices.

What Cordon Does Not Do:

Cordon is intentionally scoped and does not attempt to replace broader security systems.

It is not:

• An antivirus

• A malware scanner

• A full container runtime

• A replacement for SELinux or AppArmor

• A complete operating system security solution

Cordon reduces risk by limiting filesystem exposure during execution. It does not attempt to detect or analyze malicious code.

Target Users:

Cordon is designed for:

• Developers installing third-party packages

• Users running AppImages or unknown binaries

• Contributors testing scripts from open repositories

• Anyone seeking safer defaults without heavy tooling