If I understood it correctly, your objective is to build a Sandbox for unmanaged code (i.e. C++ code or Full Trust .Net Code) so that it can be securely executed in the process hosting the VX32?
In that case, and knowing that all I need to take ownership of a process is to be able to write to 4 bytes in that memory space (i.e. a pointer), how do you securely handle the C++ native pointer manipulation without implementing a C# like type safety environment.
I haven't read the main Pdf liked from your website, if this answer is there, then please kindly point me to the relevant page.
Best regards
Dinis Cruz
Owasp .Net Project
www.owasp.net
On 12/22/05, Bryan Ford <[EMAIL PROTECTED]> wrote:
Hi folks, I hope this announcement might be of interest to some of you as
being related to and in some respects complementary to Mono and other
application-level virtual machines.
I've just released the first (very experimental) version of VX32, a new
x86-based application-level virtual environment. Unlike most x86-based virtual
machines such as QEMU and plex86, VX32 is more comparable in
function to Kaffe or Mono: VX32 only implements the user-mode portion of the
x86 architecture rather than emulating a whole machine including devices, and
is intended for use by applications to create lightweight, highly
controllable execution environments for safe application plug-ins and the
like, rather than for running whole operating systems. VX32 might be
especially appropriate for safely running Unix filter-like applications such
as compressors, decompressors, crypto software, or transcoders, where the
legacy code bases you often want to re-use are already written in C or other
non-typesafe languages. VX32 could also potentially provide the basis for a
"safe native method" extension facility for typesafe languages such as Java
and C#, if there is interest.
VX32 uses dynamic code rewriting techniques to sandbox guest code efficiently
on x86 host processors, typically costing less than 15% slowdown versus
native x86-32 execution. I'm also working on instruction set emulation and
binary translation to make the environment portable to other host
architectures.
The VX32 home page, including the first source release, is here:
http://pdos.csail.mit.edu/~baford/vm/
The home page for VXA (Virtual eXecutable Archives), a related project that
uses VX32 to turn ZIP files into "active archvies", is here:
http://pdos.csail.mit.edu/~baford/vxa/
Finally, a paper that discusses both VX32 and VXA can be found here:
http://www.brynosaurus.com/pub/os/vxa.pdf
I would appreciate any comments and feedback. Thanks for your time!
Bryan
_______________________________________________
Mono-list maillist - [email protected]
http://lists.ximian.com/mailman/listinfo/mono-list
_______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
