Google App Engine沙箱的工作原理是什么？ [英] How does Google App Engine sandbox work?

问题描述

Google App Engine沙盒是如何运作的？

我需要做些什么才能创建我自己的沙箱（为了安全地让我的客户在我的引擎上运行应用程序而不让他们能够格式化我的磁盘驱动器）？它只是类加载器的魔术，字节操作或其他东西？

解决方案

您可能需要限制类加载器和彻底了解 Java安全架构。您可能会使用指定的非常严格的SecurityManager运行您的JVM。

How does Google App Engine sandbox work?

What would I have to do to create my own such sandbox (to safely allow my clients to run their apps on my engine without giving them the ability to format my disk drive)? Is it just class loader magic, byte manipulation or something?

解决方案

You would probably need a combination of a restrictive classloader and a thorough understanding of the Java Security Architecture. You would probably run your JVM with a very strict SecurityManager specified.

这篇关于Google App Engine沙箱的工作原理是什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！