Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
Liudar2018-12-01 20:01:42
C++ / C#
Liudar, 2018-12-01 20:01:42

How to isolate unsafe code in a dotnet core application?

Good afternoon. I am developing an application that uses built-in lua scripts. Because with the condition of the specifics of the task, dotnet core is needed, the choice fell on NeoLua. But I can't restrict the rights of the script code being executed. As an example - read access from files. If we abstract from Lua, then the task comes down to a simple question: How to isolate unsafe code in a dotnet core application?
The .NET Framework had an AppDomain but

.NET Core does not support AppDomains or sandboxing:
Free of problematic tech. .NET Core doesn't include certain technologies we decided to discontinue because we found them to be problematic, for instance AppDomain and sandboxing. If the scenario still makes sense for .NET Core, our plan is to have replacements. For example, AssemblyLoadContext replaces AppDomains for loading and isolating assemblies.

And how now to restrict a call of any method in the rights?
as an example:
public static void Main(string[] args)
        {
            //Sandbox for deny read files acess 
            {
                var text = string.Empty;
                using (var reader = new StreamReader("test.txt"))
                {
                    text = reader.ReadToEnd();
                }
            }
        }

What can you advise? How to decide? In which direction to dig?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
R
rPman, 2018-12-01
@Liudar

The list of implementations is here lua-users.org/wiki/LuaImplementations
For example, this is https://github.com/chkn/AluminumLua
You can not add any libraries to your context at all and add your own methods in your code that will be called on functions in lua.
ps of the open source library, you can always fix the code in the place where the file opens.

Report
D
Dasha Tsiklauri, 2018-12-01
@dasha_programmist

try using docker, although this is also a sieve, but perhaps better customized than nothing
https://security.stackexchange.com/questions/29378...

Similar questions
A
Arthur Levenson2021-05-15 13:38:30
How to enable thumbnails in modx galleries? 2Reply
D
Dimatime2015-07-15 18:16:02
How to download many photos of a certain topic? 2Reply
V
Valeriy19972015-08-14 11:05:07
How to arrange objects in canvas? 4Reply
V
valackar2015-09-01 14:57:12
How to display the property value in the public part of Bitrix? 4Reply
I
Ivan2015-09-09 16:06:50
How to prototype app design? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question