This repository has been archived by the owner on Jul 13, 2022. It is now read-only.
google/wheelbarrow
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Introduction: Wheelbarrow is a framework for automated security analysis of Linux packages. It is motivated by wanting to inspect packages that are available in the Linux software repositories and annotate their security properties. Thus getting us a better understanding of the security implications of these. Summary of functionality: * Create an on-going pipeline to examine and annotate security properties on packages available in the upstream Ubuntu repositories. * Annotate the security properties of packages available. How it works: Given a list of application packages, Wheelbarrow spawns virtual machines (VMs) in order to examine each package. Analyses runs inside a VM in order to isolate applications under test from the analysis host. This also enables easily reverting to a sane, controlled execution environment. A broker inside the VM triggers events (package extraction, installation, starting services, etc.) and gathers data after each of these events. Several analyses are included, but the project is designed to be easily extensible to other analyses and also to other package management systems. See the INSTALL file to get started.
About
No description, website, or topics provided.
Resources
Code of conduct
Security policy
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published