  1. Is it possible to host the .NET DLR in an "idiot-proof" sandbox?
    <p>I would like to host the Dynamic Language Runtime (DLR) in such a way that users who run arbitrary scripts in it cannot bring the process down.</p>
    <p>The <a href="http://dlr.codeplex.com/Project/Download/FileDownload.aspx?DownloadId=127516" rel="noreferrer">DLR hosting spec</a> describes how to host the DLR in a separate ApplicationDomain. This allows tearing down and unloading a script runtime and restricting certain operations through CAS (e.g. I can restrict file system access or disallow use of reflection).</p>
    <p>But are there also ways to, for example:</p>
    <ul>
    <li>restrict the maximum amount of memory used by a script?</li>
    <li>restrict the number of threads created by a script?</li>
    <li>detect deadlocked scripts?</li>
    </ul>
    <p>I think such fine-grained control could be possible using the <a href="http://msdn.microsoft.com/en-us/library/ms164336.aspx" rel="noreferrer">unmanaged .NET hosting API</a> that was developed for SQL Server. Is this the direction to go? Are there open source projects for this kind of general .NET sandboxing?</p>
    <p>Here are a few potentially useful references that I found:</p>
    <ul>
    <li><a href="http://msdn.microsoft.com/en-us/magazine/cc163701.aspx" rel="noreferrer">Discover Techniques for Safely Hosting Untrusted Add-Ins with the .NET Framework 2.0</a></li>
    <li><a href="http://dlr.codeplex.com/Thread/View.aspx?ThreadId=216441" rel="noreferrer">Host protection</a> thread on DLR discussion list</li>
    <li><a href="http://blogs.msdn.com/b/shawnfa/archive/2005/10/13/480210.aspx" rel="noreferrer">Using Host Protection</a> (.NET security blog)</li>
    </ul>
 
