C ++-用户空间代码中的第二级受保护代码 [英] C++ - second level of protected code in user space code
问题描述
给出以下代码:
class module {
public:
virtual void run(void (*callback)(int)) = 0;
byte* memory;
}
int main() {
module m1 = loadSomeUntrustedModule();
module m2 = loadSomeUntrustedModule();
m1.memory[31] = 5;
//m1.run(); //?
return m1.memory[32];
}
我想在module中执行不能访问其自身外部代码的run,将其与自己的私有内存空间隔离,只能从主进程访问它.可以防止内存泄漏,甚至可以防止恶意代码.该代码只需要访问自己的内存即可访问任何内容.我打算将此代码跨平台,在linux,windows,mac,android等环境下编译并运行...
I want to execute run in module that cannot access code outside of itself, isolating it with its own private memory space, only accessible from the main process. Safe from memory leaks, and potentially from malicious code. The code does not need access to anything but its own memory. I intend for this code to be cross-platform, compiling and running for linux, windows, mac, android, etc...
这是一个相当简单的问题;如何按照上述要求在C ++中运行沙盒/受保护的代码?但是我认为答案要复杂得多.我以为其中包含一个程序集.
Its a rather simple question; How do I run sandboxed/protected code in c++ with the requirements talked about above? But one much more complicated to answer I would assume. One that I would assume to be containing assembly.
推荐答案
我不认为可以使用跨平台解决方案将模块加载到同一进程中(此外,我们还没有跨平台模块).
I don't think there's cross-platform solution available to load module into the same process (moreover, we don't have cross-platform modules yet).
或多或少的便携式解决方案将是创建另一个进程并使用跨进程通信.对于不同的操作系统,它们仍然是不同的,但是确实存在跨平台包装器.
More-or-less portable solution would be to create another process and use cross-process communication. They are still different for different OSes, but cross-platform wrappers do exist.
一个已知的实现是Google Chrome沙箱.在Windows上,它创建子流程,将其访问令牌减少到最低限度,并挂钩其文件I/O系统API,以将数据通过管道转发给父流程.好的沙盒那很难...
One known implementation is Google Chrome sandbox. On Windows it creates sub-processes, reduces their access tokens to very minimum and hooks their file i/o system APIs to forward data thru pipes to parent process. Good sandbox is that hard...
这篇关于C ++-用户空间代码中的第二级受保护代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
