> Sebastian had replied to my earlier query for safety
> from unmanaged code by sandboxing it in a separate app
> domain.
> I read the links:
> http://pages.infinit.net/ctech/20050520-0735.html
> http://pages.infinit.net/ctech/20050623-0432.html
> Is the sandboxing based on providing code based and
> role based security of the modules? i.e. ensuring that
> the managed code trusts the unmanaged code?

Yes, but the robots don't have unmanaged code
access. They are limited to the so called
"Internet" permission set, which provides only basic
functionality (no file & net access, and, of course,
NO unmanaged code access).
It's called "Internet", because it is intended
to be applied to code that was downloaded from
the internet.

> If for instance we give the unmanaged code permit to
> execute and it (unmanaged code) maligns some raw
> address, this sandboxing might not be able to protect
> it? i.e. the faults will not be sandboxed to the
> unmanaged app domain only.

No, the sandbox won't be able to protect against
unmanaged code doing bad things.
If you want some kind of protection, you may run the
unmanaged code in another managed process that
communicates with the main app using .NET remoting.
Anyway, this *won't* be safer. It might help
to "rescue" the main app, but what is that protection
good for, if the untrusted unmanaged code in
the other process is just deleting your hard drive ;-)
Neither mono nor .NET are sandboxes for *unmanaged*
code.
Robert
_______________________________________________
Mono-list maillist - [email protected]
http://lists.ximian.com/mailman/listinfo/mono-list
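
The restriction described in the reply above, as an added example that is not part of the original thread or of any project's code: an app domain granted only the "Internet" permission set, in which demands for unmanaged code access and file access are refused. It assumes the .NET Framework 4.x sandboxing API (`SecurityManager.GetStandardSandbox`); the `Probe` type, the domain name "robots" and the file path are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;

// Hypothetical probe type. It is instantiated inside the sandboxed domain,
// so its demands are evaluated against that domain's grant set.
public class Probe : MarshalByRefObject
{
    public bool CanCallUnmanagedCode()
    {
        return Granted(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode));
    }

    public bool CanReadFile(string path)
    {
        return Granted(new FileIOPermission(FileIOPermissionAccess.Read, path));
    }

    private static bool Granted(IPermission permission)
    {
        try { permission.Demand(); return true; }
        catch (SecurityException) { return false; }
    }
}

public static class Program
{
    public static void Main()
    {
        // Build the standard permission set for code from the Internet zone.
        var evidence = new Evidence();
        evidence.AddHostEvidence(new Zone(SecurityZone.Internet));
        PermissionSet internet = SecurityManager.GetStandardSandbox(evidence);

        // Every assembly loaded into this domain receives only that grant set
        // (no full-trust assemblies are listed).
        var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
        AppDomain sandbox = AppDomain.CreateDomain("robots", null, setup, internet);

        var probe = (Probe)sandbox.CreateInstanceAndUnwrap(
            typeof(Probe).Assembly.FullName, typeof(Probe).FullName);

        // Constructed sample path; the file does not need to exist for the demand.
        Console.WriteLine("unmanaged code allowed: " + probe.CanCallUnmanagedCode());
        Console.WriteLine("file read allowed:      " + probe.CanReadFile(@"C:\constructed\example.txt"));

        AppDomain.Unload(sandbox);
    }
}
```

This only limits managed code that goes through permission checks. Once unmanaged code access is granted, native code runs outside those checks, which is the limitation the reply points out.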