From: Maciej Sobczak
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
Date: Sat, 11 Feb 2012 02:32:45 -0800 (PST)
Message-ID: <702c5d55-ff96-486c-bff9-93aa273f6217@i18g2000yqf.googlegroups.com>
References: <8e83f2be-c6e9-4b0b-b53c-d50fe70d01e1@pq6g2000pbc.googlegroups.com>

On 10 Feb, 05:41, Rob Shea wrote:

> > Could you be more specific? That sounds like a computer running
> > Windows, alone in a dedicated room, with no connections to the outside.
>
> Well, virtually speaking, that is exactly what I want... literally
> speaking it's a Windows system, networked, with removable disks, that
> needs to run untrusted code processing untrusted data.
>
> In other words, a very simple and restrictive, operating system level
> virtualization tool for Windows, that can be initiated by unprivileged
> users.

Then I don't understand why you got stuck at the level of language choices. Neither .NET nor Ada will provide you this level of isolation - both can initiate malicious network connections and both can read and write files, for example.

I think that you should take a look at virtualization solutions like VMWare. This allows you to create an operating system within an operating system, which is great for experimentation as well as for creating security sandboxes. In essence, such a sandbox is like a separate machine, but does not require separate hardware. What is most important, you can really run *arbitrary applications* on such a sandboxed system (just as you have described in your initial post), no matter what language they are written in.

Note that if you choose .NET as your "virtualization solution", then you will *not* be able to run any application that is not .NET-based. Similarly, if you pick Python, you will only be able to run Python applications on it. Same for Java [*]. That does not count as "I can run arbitrary applications on it" for me.

[*] Yes, I know that there are many .NET-based languages, and there are many languages based on the JVM. Still, that does not count as "I can run arbitrary applications on it".

The advantage of real virtual machines (of the VMWare or Parallels, etc. kind) is that you can do with them things that you would never find the courage to do with your physical machine. These are really great tools for creating experimental, testing or security sandboxes and I'd recommend that you take a look at them.

-- 
Maciej Sobczak * http://www.msobczak.com * http://www.inspirel.com