🤖 AI Summary
In science gateways, MPI initialization requires network access, yet the subsequent reading of user-provided parameter files calls for the network to be disabled so that remote attack vectors are closed off, a requirement that conventional static permission models cannot express. Method: this paper introduces Linux Landlock, the first adoption of this kernel-level sandboxing mechanism in scientific computing, to realize a zero-trust sandbox whose restrictions change at runtime. Specifically, network capabilities are revoked immediately after MPI initialization, enforcing strict isolation of untrusted input files. Contribution/Results: the approach eliminates reliance on identity-based authentication, has been deployed in the FUKA science gateway, and has been validated for compatibility with the Einstein Toolkit, Octo-Tiger, and FUKA. Experiments demonstrate substantial resilience against network side-channel and malicious parameter-injection attacks while preserving full computational functionality. The solution establishes a lightweight, kernel-enforced, fine-grained security paradigm for science gateways.
📝 Abstract
The most recent Linux kernels have a new feature for securing applications: Landlock. Like Seccomp before it, Landlock makes it possible for a running process to give up access to resources. For applications running as Science Gateways, network access is required while starting up MPI, but for the sake of security, it should be taken away prior to the reading of user-supplied parameter files. We explore the usefulness of Landlock by modifying and locking down three mature scientific codes: The Einstein Toolkit (a code that studies the dynamics of relativistic astrophysics, e.g. neutron star collisions), Octo-Tiger (a code for studying the dynamics of non-relativistic astrophysics, e.g. white dwarfs), and FUKA (an initial data solver for relativistic codes). Finally, we implement a fully-functioning FUKA science gateway that relies on Landlock (instead of user authentication) for security.
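The sequence the abstract describes, as an added example that is not code from the paper or from the FUKA gateway: a process that has already finished MPI_Init() uses Landlock's TCP access rights (Landlock ABI 4 or newer) to revoke bind and connect for itself and everything it spawns, and only then goes on to parse the user-supplied parameter file. The MPI calls are assumed to precede `drop_tcp_network()` and are not shown; the `ll_` names, syscall-number fallbacks and the loopback probe are this example's own.

```c
/* Added example (not the paper's or FUKA's code): drop TCP networking via Landlock ABI 4+
 * after MPI_Init() and before any user-supplied parameter file is read. */
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <stdint.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <unistd.h>
/* Landlock UAPI values, defined locally so the file also builds against old headers. */
#define LL_CREATE_RULESET_VERSION (1U << 0)
#define LL_ACCESS_NET_BIND_TCP    (1ULL << 0)
#define LL_ACCESS_NET_CONNECT_TCP (1ULL << 1)
#ifndef __NR_landlock_create_ruleset
#define __NR_landlock_create_ruleset 444
#define __NR_landlock_restrict_self  446
#endif
struct ll_ruleset_attr { uint64_t handled_access_fs; uint64_t handled_access_net; };

/* TCP rights a kernel of the given Landlock ABI can handle; 0 before ABI 4. */
uint64_t net_handled_access(int abi) {
    return abi >= 4 ? (LL_ACCESS_NET_BIND_TCP | LL_ACCESS_NET_CONNECT_TCP) : 0;
}

/* 0 once TCP bind/connect are denied for this thread and its descendants; -errno otherwise. */
int drop_tcp_network(void) {
    int abi = syscall(__NR_landlock_create_ruleset, NULL, 0, LL_CREATE_RULESET_VERSION);
    if (abi < 0) return -errno;                       /* e.g. ENOSYS: no Landlock at all */
    struct ll_ruleset_attr attr = { 0, net_handled_access(abi) };
    if (attr.handled_access_net == 0) return -EOPNOTSUPP;   /* kernel predates ABI 4 */
    int fd = syscall(__NR_landlock_create_ruleset, &attr, sizeof attr, 0);
    if (fd < 0) return -errno;
    /* No allow-rules are added to the ruleset, so every handled right is denied outright. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || syscall(__NR_landlock_restrict_self, fd, 0)) {
        int e = errno; close(fd); return -e;
    }
    close(fd); return 0;
}

/* errno from a loopback TCP connect(): EACCES once the Landlock sandbox is active. */
int probe_tcp_connect(void) {
    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s < 0) return errno;
    struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(1),
                              .sin_addr = { htonl(INADDR_LOOPBACK) } };
    int e = connect(s, (struct sockaddr *)&sa, sizeof sa) ? errno : 0;
    close(s); return e;
}

int main(void) {                      /* MPI_Init() would run here, network still open */
    return drop_tcp_network() ? 1 : 0; /* only on success go on to parse the parameter file */
}
```

On a kernel without ABI 4 the function refuses rather than silently leaving the network open, which is the behaviour a gateway should treat as a hard failure.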