[Mono-dev] Mono and medium trust
quandary
quandary82 at hailmail.net
Sat Sep 3 07:10:49 EDT 2011
> You could, but this is not how security evolves ;)
xD I know. But for now, a quick and dirty hack is better than half a
year of work.
Looking at:
mono/metadata/loader.c:mono_lookup_pinvoke_call
I just wanted to say, that looking at the source file, this line hurt my
eye:
if (strstr (new_scope, ".dll") == (new_scope + strlen (new_scope) - 4)) {
If you want to check whether new_scope ends with ".dll", I wouldn't do a
strstr.
I did this one in an aimbot of mine, like this:
if ( (urth_aimAtHead.integer != 0) )
    bHeadInModel = (strstr(modelName, "head")) || (strstr(modelName, "helmet")) ;
and when I started the program with this modification (as opposed to
without this modification), you just heard the fan start going (every
time), as well as a very obvious CPU-performance related lagging.
I realized I could replace strstr when I just took the ending of the
full model name, added a strrcmp instead of strstr. So strstr(modelName,
"head") became !strrcmp(modelName, "head.md3")
And my performance problems were gone, and the fan stopped immediately.
This is the strrcmp function I used (originating from BSD libc extensions,
BSD license):
#include <stdbool.h>
#include <string.h>

/* Returns true when chrptr_SearchIn ends with chrptr_SearchFor. */
bool strrcmp(const char* chrptr_SearchIn, const char* chrptr_SearchFor)
{
    size_t szeSearchInLength = strlen(chrptr_SearchIn) ;
    size_t szeSearchForLength = strlen(chrptr_SearchFor) ;
    /* A suffix longer than the string itself can never match. */
    if (szeSearchForLength > szeSearchInLength)
        return false ;
    /* Compare only the tail of the string against the suffix. */
    if (memcmp(chrptr_SearchIn + szeSearchInLength - szeSearchForLength,
               chrptr_SearchFor, szeSearchForLength))
        return false ;
    else
        return true ;
}
On 09/02/2011 06:05 PM, Robert Jordan wrote:
> On 02.09.2011 17:29, quandary82 wrote:
>> Couldn't I hack together my own custom mono-runtime version, to block
>> DllImport for all dll's that are not in an allowed-dlls list and
>> System.Diagnostics.Process.Start as well ?
> You could, but this is not how security evolves ;)
>> System.Diagnostics.Process would be in the mcs class library, but where is
>> DllImport ? Is it just an attribute ? I suppose there is a wrapper
>> around dlopen/LoadLibrary somewhere ?
> Starting processes can be prevented with SELinux or AppArmor.
> DllImport is special. A good place to block p/invokes is:
> mono/metadata/loader.c:mono_lookup_pinvoke_call There you can look
> from which assemblies the pinvoke comes from etc. Robert