I have no idea why this was not posted before! I see this is a very important thing!
The goal is: to have the most malicious file ever created on the planet in an AppVM alongside with very trusted files, and not be afraid, because the AppVM has no way to process any file (so the malicious file has no chance to do anything.) All files will be viewed/edited separately in disposables. The AppVM will do nothing except storing.
First, is this even possible. I currently say: yes. I see that a ‘file’ is just some bytes stored. If a ‘file’ is malicious, I say, then it’s waiting to be processed so it can do any malicious thing. Is that true?
The question is: How to create an AppVM that never processes any file?
I believe this should be fairly easy: Just make it based on a template with NOTHING that is even able to process a file.
There are all the commands I would need: cp
, mv
, rm
, ls
, touch
, mkdir
, and cd
.
Isn’t it true that: cp
blindly copies bytes without processing them at all?
Isn’t it true that: mv
and rm
just read and write to the filesystem and not at all files?
Isn’t it true that: touch
and mkdir
just write to the filesystem?
Isn’t it true that: cd
just doesn’t do anything related to files?
I’m quite afriad of ls
that might process the file for e.g. ls -l
while listing the last modification date. What do you think about that?
It’d be nice if echo
and source
as well, to have aliases.
I hope you get the point. I want to be able to have all kinds of files: the very trusted and the non-trusted together in one storage-only AppVM while not being afraid, because they’re all viewed/edited (i.e. processed) in disposables, and the AppVM does nothing except storing them.
Is it possible to create such AppVM? If yes, how?
Thanks.