防止不受信任的 C# 代码启动新线程或黑名单/白名单 API
我正在实现一个将加载和执行第三方代码的应用程序。
虽然 .NET 沙箱很好,但我找不到阻止代码启动新线程的方法。
这是一个问题,因为据我所知,我们无法安全地枚举和中止它们以卸载沙箱 AppDomain - 我们必须退出整个过程。
我如何禁止 Thread.Start 或(更好)白名单/黑名单特定的 CLR API?
I'm implementing an application which will load and execute 3rd party code.
While .NET Sandboxing is fine, I can't find a way to prevent code from starting new threads.
This is a problem because AFAIK we can't enumerate and abort them safely to unload the sandbox AppDomain - we have to exit the whole process.
How could I ban Thread.Start, or (better) whitelist/blacklist specific CLR APIs?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您需要创建脚本环境而不是运行编译的代码。在这种环境中,您可以解析出不支持/不需要的关键字。
http://msdn.microsoft.com/en-us/library/ms974577。 aspx
http://osherove.com/blog/2004/2/17/make-your-net-application-support-scripting-a-practical-appr.html
http://www.codeproject.com/KB/library/Dotnet_Scriptor.aspx
可能有某种限制方式在 AppDomain 中运行的代码的权限,这就是您所说的沙箱吗?
使用 AppDomain 的好示例
如果出现以下情况,您可能会强制卸载 AppDomain: cpu 和内存发生了“坏事”。
最近在 .net 4 中,我注意到但没有调查 HostProtection Permissions ...
系统.安全.权限
hostprotectionattribute
=== 编辑 ===
看起来设置安全权限的 CLR 托管将是正确的选择。链接...
什么是 CLR 托管?
http://msdn.microsoft.com/en-us/library/hbzz1a9a(v=vs. 90).aspx
http:// /msdn.microsoft.com/en-us/library/h846e9b3(v=vs.90).aspx
http://msdn.microsoft.com/en-us/library/system.security.permissions.securitypermission(v=vs. 90).aspx
You would need to create a scripting environment rather than run compiled code. In this environment you could parse out unsupported/unwanted keywords.
http://msdn.microsoft.com/en-us/library/ms974577.aspx
http://osherove.com/blog/2004/2/17/make-your-net-application-support-scripting-a-practical-appr.html
http://www.codeproject.com/KB/library/Dotnet_Scriptor.aspx
There might be some way of limiting permissions of code running within an AppDomain, is this what you are talking about with Sandboxing?
Good example of use of AppDomain
You could potentially force unloading of an AppDomain if "bad stuff" was occuring with cpu and memory.
more recently in .net 4 I have noticed but not investigated HostProtection Permissions ...
System.Security.Permissions
hostprotectionattribute
=== EDIT ===
It looks like CLR Hosting with Security Permission being set would be the way to go. Links...
What is CLR hosting?
http://msdn.microsoft.com/en-us/library/hbzz1a9a(v=vs.90).aspx
http://msdn.microsoft.com/en-us/library/h846e9b3(v=vs.90).aspx
http://msdn.microsoft.com/en-us/library/system.security.permissions.securitypermission(v=vs.90).aspx