.net - Looking for a locked down script interpreter -

-

i'm looking .net library specific task.

say app has been sent program (in script language) , want app run script. script come openly hostile individual, want run anyway. (like javascript in browser.)

var sc = new securescript("somefilefromanunknownpossiblyhostilesource.xyz"); /* set event handlers. */ sc.run();

during run call, script construct it's own data, mess around simple data types, whatever wants long effects contained within it's own world.

if script attempts openfile("c:/windows/something.exe"), fail, because haven't registered openfile function. way script interact outside world using function i've registered use script. doing that, i'm taking responsibility script can't bad it. sure, neglect validate parameters, that's not interpreter's job.

if script allocated memory, or take many cpu cycles, interpreter class invoke event handler once threshold has been passed , give me power stop script dead.

i'm more interested in interpreter being secure rather fast. javascript jit compilers nice, hear of browsers being updated due vulnerability bit liking.

so, there's plea. maybe exists or need build myself. i'd prefer .net/mono library open other platforms.

many thanks.

in other words, need sandbox execution of script.

there native .net mechanism allows that: appdomain permissions.

have @ how to: run partially trusted code in sandbox

however, not enough if want implement machine resource-specific restrictions (memory , cpu). arguably simple way run code in restricted appdomain , limit machine resources consumption use managed addin framework, , particularly addinproccess class (see managing add-ins: advanced versioning , reliable hosting, machine resource exhaustions section).


Comments

Post a Comment

Popular posts from this blog

linux - Mailx and Gmail nss config dir -

-
i trying send mail linux command line using mailx command. can send local domain no problem want set mail send gmail account receive mail sent gmail account. after configuring mail.rc so: account gmail { set smtp=smtps://smtp.gmail.com:587 set smtp-auth=login set smtp-auth-user=username@gmail.com set smtp-auth-password=password set ssl-verify=ignore } i error: resolving host smtp.gmail.com . . . done. connecting 74.125.25.109 . . . connected. missing "nss-config-dir" variable. "/home/username/dead.letter" 11/354 . . . message not sent. after looking "nss-config-dir" here , located certn.db , keyn.db files , added mail.rc so: account gmail { set smtp=smtps://smtp.gmail.com:587 set smtp-auth=login set smtp-auth-user=username@gmail.com set smtp-auth-password=password set ssl-verify=ignore set nss-config-dir=/home/user/.mozilla/firefox/location.default } now when try send mail using command: echo "sent gmail account" | mailx -v -a
Read more

c# - Is it possible to remove an existing registration from Autofac container builder? -

-
something along lines: builder.registertype<mytype>().as<itype>(); builder.registertype<mytype2>().as<itype>(); builder.deregistertype<mytype>().as<itype>() var container = builder.build(); var types = container.resolve<ienumerable<itype>>(); assert.istrue(types.count == 1); assert.istrue(types[0].gettype == typeof(mytype2)); scenario: go through bunch of assemblies , go register types want make sure have 1 implementation of given type. need before create container. track on own nice if autofac me bit. this cannot done directly using containerbuilder , unless start on new one. mind you, having first built container should able construct new container filtering away unwanted types , reusing registrations first container. this: ... var container = builder.build(); builder = new containerbuilder(); var components = container.componentregistry.registrations .where(cr => cr.activator.limittype != typ
Read more

php - Mysql PK and FK char(36) vs int(10) -

-
i have read mysql can handle indexes , searches better if tables keys integers rather char(36) uuid's. is worth converting int(10)? note: use 1 server , have have plans use multiple databases concurrently therefore removing 1 of big reasons using uuid. our tables innodb if makes difference. thanks in advance. usually rdbms can handle integer keys pk more efficient, other datatypes. reason how build index column, yes: long dont require string (or other typed) keys, should use integers. however: char(36) , int(10) far away being equal, because int(10) much smaller, char(36). dont know, if require many different keys, should keep in mind. update, complete last paragraph: int(10) 32-bit, char(36) 36 - ^byte^ (= 288-bit). not mean, int consumes less space, means, char(36) has 4 times more different keys.
Read more