From: Thomas Løcke
Date: Fri, 10 Feb 2012 11:09:25 +0100
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
References: <8e83f2be-c6e9-4b0b-b53c-d50fe70d01e1@pq6g2000pbc.googlegroups.com> <4f34b6d6$0$292$14726298@news.sunsite.dk>
Message-ID: <4f34ecd6$0$283$14726298@news.sunsite.dk>
Organization: SunSITE.dk - Supporting Open source

On 02/10/2012 10:32 AM, Rob Shea wrote:
>
> Only some applications need to be handled in this way, as they are
> developed (hence the arbitrary requirement) while other applications
> require all the normal abilities, like network access and file system
> writing.

Then simply run more guests, with differing setups and permissions.

Honestly, it sounds like you guys are trying to reinvent the wheel.
Virtualization today is cheap and easy, so unless you specifically need
to run on bare metal, I fail to see why you would ever want to invent
your own sandbox environment. This has already been done to death by a
bunch of very skilled and knowledgeable people. By using some of the
existing technologies you get the added benefit of snapshots, cloning
and a very fine-grained control over what hardware the guest sees.

>
> Thank you for the suggestion though, it would make life a bit easier,
> but alas not appropriate here.

Obviously I've no idea what you're actually trying to accomplish or what
your final goals are, but as soon as I read this:

"The idea is a Windows test station sandbox where arbitrary applications
can be executed, but cannot make system changes or transmit data"

Then I'm instantly thinking: Already solved, by every single
virtualization product out there.

Unless there's more to your product than what you've described, I
honestly think you'd be doing yourself a disservice by trying to come up
with a homegrown solution. If you're trying to build walls around unsafe
programs inside Windows, I believe you're setting yourself up for
failure.

But if this is what you want to do, then you should obviously go with
Ada, simply because it was created with safety and security in mind. I
don't know of any other language where this is the case.

Good luck! :o)

-- 
Thomas Løcke | thomas@12boo.net | http://12boo.net