I am trying to create some sort of a sandbox for Linux systems (Ubuntu).
My main goal is to find out which files are executed by a bash script of my choice, without actually letting it run them.
I also want to prevent changes to the system, so the running script will think it has the ability to write to files but it actually doesn't. I don't want to run the bash script under low permissions, because then it will fail to run if it tries to change something.
Please don't suggest running it through a virtual machine, it's too slow for me.
The only thing that comes to my mind is hooking any write syscall so when it tries to write to a file, the system will return SUCCESS but do nothing. Also hooking any execution syscall to capture all programs executed by the script and prevent executing other files while returning success to the script. But I have no clue how to do this.
Any ideas? Thanks in advance.
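As an added example (not code from the question or from any project it mentions), here is one user-space way to approximate the interposition idea sketched above on a glibc-based Linux system: an `LD_PRELOAD` shim that overrides the libc entry points `execve` and `open`. Every `execve` is recorded and answered with success without starting anything, and any `open` that could create, truncate or write a file is silently diverted to `/dev/null`, so the script's later `write` calls succeed but touch nothing and no `write` hook is needed. The function names `sandbox_exec_count`, `sandbox_exec_path`, the log-line format and the size limits are my own choices, not part of any library API.

```c
/* sandbox_shim.c: LD_PRELOAD interposer that logs exec targets and diverts
 * write-opens to /dev/null. Added example; names and limits are assumptions.
 * Build as a library:  gcc -shared -fPIC -o sandbox_shim.so sandbox_shim.c
 * Use:                 LD_PRELOAD=./sandbox_shim.so bash script.sh
 */
#undef _FORTIFY_SOURCE   /* glibc's fortified inline open() would clash with ours */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#define MAX_LOG 64        /* constructed limit on remembered exec paths */
#define PATH_LEN 256      /* constructed limit on stored path length */

static char exec_log[MAX_LOG][PATH_LEN];
static size_t exec_count;

/* Accessors so a supervisor (or a test) can read back what the script tried to run. */
size_t sandbox_exec_count(void) { return exec_count; }
const char *sandbox_exec_path(size_t i) { return i < exec_count ? exec_log[i] : NULL; }

/* Reach the kernel directly: libc's open() is now our own function, so the
 * interposer must not call it when it needs the real thing. openat exists on
 * every Linux architecture, unlike the legacy open syscall. */
static int raw_openat(const char *path, int flags, mode_t mode) {
    return (int)syscall(SYS_openat, AT_FDCWD, path, flags, mode);
}

/* Record the program the script wanted to start and report success without
 * starting it. Callers that expect execve never to return on success will
 * treat the return itself as a failure, which is acceptable for logging. */
int execve(const char *path, char *const argv[], char *const envp[]) {
    (void)argv; (void)envp;
    if (exec_count < MAX_LOG) {
        strncpy(exec_log[exec_count], path, PATH_LEN - 1);
        exec_log[exec_count][PATH_LEN - 1] = '\0';
        exec_count++;
    }
    fprintf(stderr, "[sandbox] blocked exec: %s\n", path);
    return 0;
}

/* Pass read-only opens through; divert anything that could create, truncate
 * or write a file to /dev/null so subsequent writes succeed but change nothing. */
int open(const char *path, int flags, ...) {
    mode_t mode = 0;
    int creating = flags & O_CREAT;
#ifdef O_TMPFILE
    creating |= (flags & O_TMPFILE) == O_TMPFILE;
#endif
    if (creating) {                       /* mode argument only present in this case */
        va_list ap;
        va_start(ap, flags);
        mode = (mode_t)va_arg(ap, int);   /* mode_t is promoted to int in varargs */
        va_end(ap);
    }
    int acc = flags & O_ACCMODE;
    if (acc == O_WRONLY || acc == O_RDWR || creating || (flags & (O_TRUNC | O_APPEND))) {
        fprintf(stderr, "[sandbox] diverted write-open: %s\n", path);
        return raw_openat("/dev/null", O_RDWR, 0);
    }
    return raw_openat(path, flags, mode);
}
```

The shim only sees calls that go through the public libc symbols of a dynamically linked program: statically linked binaries, programs issuing raw syscalls, and libc-internal paths such as `fopen` bypass it, as do other mutating calls it does not override (`openat`, `creat`, `unlink`, `rename`, `mkdir`, `chmod`). Intercepting at the syscall boundary with `ptrace` or a seccomp user-notification supervisor, as the question proposes, closes those gaps at the cost of more code and some per-syscall overhead.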