[Mono-dev] Running untrusted code
Rafael Teixeira
monoman at gmail.com
Wed Jan 22 12:26:00 UTC 2014
Mono follows .NET security model (see
http://msdn.microsoft.com/en-us/magazine/ee677170.aspx for an overview),
but never implemented full CAS policies which are now obsoleted anyway,
although the newer sandboxing and Security Transparency model, are very
functional in Mono.
What Mono still needs, AFAIK, is lots of code auditing to verify that no
path for partial-trust code to scale-up its permissions (escape the
sandbox) exists.
Rafael Teixeira
O..:.)oooo
On Wed, Jan 22, 2014 at 2:01 AM, Nican <nican132 at gmail.com> wrote:
> Hello,
>
> I have worked over the past months, as a side project, on implementing
> Mono unto the Source Engine, https://github.com/Nican/SharpMod .
>
> One of the features of the project is being able for the server to run
> untrusted code on the client machine. From my understanding, Mono provides
> a sandboxed environment, http://www.mono-project.com/MonoSandbox, and
> while it seems to stop some possible malicious behavior, such as P/Invokes,
> it does not seem to stop the untrusted code from performing IO operations,
> such as reading a file on my desktop, and other potentially malicious
> operations.
>
> Moonlight and Unity seems to perform some kind of code auditing, (
> https://github.com/Unity-Technologies/monobuildtools/tree/master/tuning,
> https://github.com/mono/moon/tree/master/class/tuning), but I can not
> understand how those tools are being used.
>
> Could anyone point me in the direction on how to better trust running
> untrusted code?
>
> Cheers,
> Nican.
>
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-devel-list/attachments/20140122/849107bf/attachment.html>
More information about the Mono-devel-list
mailing list