Help wanted: cross-platform sandbox with (programmable?) filesystem introspection

As part of my work on resolving/linking external dependencies in shell scripts for Nix (which I’ve been hoping to have ready by branch-off), I’ve been picking at a proof-of-concept for ~fuzzing the scripts to find things that didn’t get nailed down.

I have a (surprisingly) decent bash implementation of the core logic, but the next few steps are in my blind spot. After a few evenings without much progress beyond a list of prospective projects, it’s clear that I don’t have the bandwidth/existing knowledge to keep this from turning into a yak shave. These are:

  1. Introspect filesystem ops. MVP = get a list of paths statted during the run. A FUSE may enhance the ~fuzzing options, but may not justify hoop-jumping to install OSXFUSE.
  2. Sandbox the fuzzing runs.
  3. Cross-platform support for 1 and 2 at the program level without folding in gobs of compatibility code that’ll need maintenance. (Reluctantly open to a cross-platform container/VM approach that solves problems for one platform, but concerned about weight:benefit.)

If this isn’t a reach for someone, a .nix would be a big help. Opinions on whether this is a fool’s errand or packages/libraries you can swear by are also useful.
