Possible? Yes. Difficult? Also yes. OS-dependent? Very yes.

Most modern OSes support various levels of process isolation that can be used to achieve what you want. The simplest approach is to simply attach a debugger and break on all system calls; then filter these calls in the debugger. This, however, is a large performance hit, and is difficult to make safe in the presence of multiple threads. It is also difficult to implement safely on OSes where the low-level syscall interface is not documented - such as Mac OS or Windows.

The Chrome browser folks have done a lot of work in this field. They've posted design docs for Windows (http://www.chromium.org/developers/design-documents/sandbox), Linux (http://code.google.com/p/chromium/wiki/LinuxSandboxing) (in particular the SUID sandbox, http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox), and Mac OS X (http://www.chromium.org/developers/design-documents/sandbox/osx-sandboxing-design). Their approach is effective but not totally foolproof - there may still be some minor information leaks between the outer OS and the guest application. In addition, some of the OSes require specific modifications to the guest program to be able to communicate out of the sandbox.

If some modification to the hosted application is acceptable, Google's native client (http://code.google.com/p/nativeclient/) is worth a look. This restricts the compiler's code generation choices in such a way that the loader can prove that it doesn't do anything nasty. This obviously doesn't work on arbitrary executables, but it will get you the performance benefits of native code.

Finally, you can always simply run the program in question, plus an entire OS to itself, in an emulator. This approach is basically foolproof, but adds significant overhead.
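The first approach in the answer above (attach a debugger, break on every system call, filter in the debugger) as an added example; this is not code from the original answer or from any of the projects it links. It is written for Linux on x86_64 using ptrace: the supervisor stops the child at each syscall entry and, for syscalls on a deny list, rewrites the syscall number to -1 so the kernel returns ENOSYS instead of executing it. The deny list (file-open syscalls), the guest program, and the names supervise, is_denied and guest_program are all constructed for this demo.

```c
/* Added example: a minimal syscall-filtering "debugger" on Linux/x86_64.
 * Not from the original answer; deny list and guest program are constructed. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

#if !defined(__linux__) || !defined(__x86_64__)
#error "This example reads orig_rax and is written for Linux on x86_64"
#endif

/* Policy (assumed for the demo): deny file-open syscalls, allow everything else. */
static int is_denied(long nr) {
    return nr == SYS_open || nr == SYS_openat || nr == SYS_creat;
}

/* Run fn() in a traced child, stopping at every syscall entry.
 * Returns the number of syscalls denied, or -1 if tracing failed
 * (for example because ptrace is not permitted in this environment).
 * The child's exit code is stored in *exit_code. */
static long supervise(void (*fn)(void), int *exit_code) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0) _exit(127);
        raise(SIGSTOP);            /* pause until the parent starts tracing */
        fn();
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status)) return -1;
    /* TRACESYSGOOD: syscall stops report SIGTRAP|0x80, so they can be told
     * apart from ordinary signal stops. EXITKILL: if the supervisor dies,
     * the guest is killed rather than left running unsupervised. */
    long opts = PTRACE_O_TRACESYSGOOD | PTRACE_O_EXITKILL;
    if (ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)opts) < 0) return -1;

    long denied = 0;
    int entering = 1;   /* syscall stops alternate: entry, exit, entry, ... */
    int sig = 0;        /* signal to deliver on resume (0 = none) */
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) < 0) return -1;
        if (waitpid(pid, &status, 0) < 0) return -1;
        if (WIFEXITED(status)) { *exit_code = WEXITSTATUS(status); return denied; }
        if (WIFSIGNALED(status)) { *exit_code = 128 + WTERMSIG(status); return denied; }
        if (WSTOPSIG(status) != (SIGTRAP | 0x80)) {
            sig = WSTOPSIG(status);   /* ordinary signal: pass it through */
            continue;
        }
        sig = 0;
        if (!entering) { entering = 1; continue; }   /* syscall-exit stop */
        entering = 0;

        struct user_regs_struct regs;
        if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0) return -1;
        if (is_denied((long)regs.orig_rax)) {
            /* Replace the syscall number with an invalid one: the kernel
             * skips the call and the guest sees -ENOSYS as the result. */
            regs.orig_rax = (unsigned long long)-1;
            if (ptrace(PTRACE_SETREGS, pid, NULL, &regs) < 0) return -1;
            denied++;
        }
    }
}

/* Constructed guest program: tries to open a file, then reports whether
 * the supervisor turned that into ENOSYS (exit 0) or not (exit 3/4). */
static void guest_program(void) {
    int fd = open("/dev/null", O_RDONLY);
    if (fd >= 0) { close(fd); _exit(3); }   /* open succeeded: policy not applied */
    _exit(errno == ENOSYS ? 0 : 4);
}

/* Wrappers that run the demo and expose its two observable results. */
static long demo_denied_count(void) { int c = -1; return supervise(guest_program, &c); }
static int demo_guest_exit_code(void) { int c = -1; supervise(guest_program, &c); return c; }

int main(void) {
    int code = -1;
    long denied = supervise(guest_program, &code);
    if (denied < 0) { perror("ptrace"); return 1; }
    printf("denied %ld syscall(s); guest exited with %d\n", denied, code);
    return 0;
}
```

The guest's single open() call becomes one openat syscall, so a successful run reports one denied syscall and a guest exit code of 0. The costs the answer mentions are visible in the code: every syscall takes two tracer stops (entry and exit), the register layout is architecture-specific, and the supervisor only follows this one thread (child threads would need PTRACE_O_TRACECLONE, and any policy that inspects pointer arguments in guest memory can be raced by another thread rewriting them after the check).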