Randomize the homedir of the user to evade sandbox detection.

[calebbrown]

Some samples of malware check for a $HOME of /root and skip running if true.

Running at root has its advantages, so perhaps changing the home from /root to /home/${name}, where ${name} is replaced by a name drawn at random from a set of predefined common usernames (e.g. popular first names, admin, deploy, worker, etc)

[maxfisher-g]

Could this be done dynamically in the sandbox by doing an adduser/useradd and then su or sudo -l to that user before installing and running the package?

[maxfisher-g]

Issues to consider (from discussion with @calebbrown):

• If the username is randomised, then the home directory will be randomised, and we want to be able to replace the randomised home directory with a generic token (e.g $USER or %USER%)
• Names should be hard to guess (i.e. not constant or drawn from a small set) but also not too obviously random
• podman has a way to supply the user to run as
• Potentially could run as both unprivileged user as well as root, but this doubles the amount of data collected
• We should probably do some experiments to determine how many packages actually do check whether they're running as root

Current conclusion is that this issue is not super high priority