[sldev] How Asset server handles saving of scripts

Donovan Preston donovan at lindenlab.com
Thu Dec 20 11:47:45 PST 2007


On Dec 20, 2007, at 11:37 AM, John Hurliman wrote:
> OpenSim doesn't have an adequate CIL sandbox to trust random  
> binaries from clients, no one has that (yet). The first version of  
> Mono's CoreCLR security is out, and I understand Babbage designed  
> his own for SL, but I would like to see some sort of audit on them  
> before trusting a system with it*. Additionally, you would have to  
> run a modified client to actually produce and upload that CIL which  
> no one is doing right now, and you still wouldn't have support for  
> all of the languages OpenSim is currently supporting such as  
> JavaScript.

Babbage has not designed a bytecode verifier. Babbage would know more,
but I think he prodded the Mono community and was going to wait for
them to step up for this one, and it sounds like CoreCLR might be that
piece, or something like it. However, the initial Mono design involves
server-side compilation so that we can get away with running bytecode
we created, without sandboxing.

> * I hope there is some way to prevent code from using any sort of  
> reflection at the runtime level, because it seems like that would  
> subvert any security model you could think of

I don't really think it's that difficult with a sandbox and a  
capability security model. Any references the bytecode is able to  
reach are references it should be allowed to see.

Does the CLR have a run-time "eval" or compile code function? If so,  
that would need to be extended to call the bytecode verifier. In other  
words, the eval you put in the sandbox is your own custom eval which  
calls the generic eval and then runs the bytecode verifier, raising  
exceptions if it fails. Since the bytecode will then be run in the  
same sandbox as the code that called eval, it will be subject to the  
same restrictions on what objects it is able to access.

Donovan
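
Added example, not part of the original message and not Linden Lab, Mono or OpenSim code: a sketch of the "custom eval that compiles, verifies, then runs in the caller's sandbox" pattern described above. Python bytecode stands in for CIL as an assumption, and `make_sandbox`, `verify` and the capability names are hypothetical; it models the pattern only and is not a hardened Python sandbox.

```python
import dis

class VerificationError(Exception):
    """Compiled code refers to something outside its granted capabilities."""

def verify(code, allowed):
    """Check every name the bytecode can touch; recurse into nested code objects."""
    for ins in dis.get_instructions(code):
        if ins.opcode not in dis.hasname:
            continue
        name = ins.argval
        if "IMPORT" in ins.opname:
            raise VerificationError(f"import of {name!r}")
        if "ATTR" in ins.opname or "METHOD" in ins.opname:
            # Underscore attributes are the reflection hooks (__class__, __globals__, ...).
            if name.startswith("_"):
                raise VerificationError(f"reflective attribute {name!r}")
        elif name not in allowed:
            # Default deny: a global name is usable only if it was granted.
            raise VerificationError(f"name {name!r} is not a granted capability")
    for const in code.co_consts:
        if hasattr(const, "co_code"):
            verify(const, allowed)

def make_sandbox(capabilities):
    """Return an eval that compiles, verifies, then runs code inside `capabilities`."""
    env = {"__builtins__": {}}          # no ambient authority
    env.update(capabilities)
    allowed = set(capabilities) | {"eval"}

    def sandbox_eval(source):
        code = compile(source, "<sandboxed>", "eval")   # generic compile step
        verify(code, allowed)                           # raises before anything runs
        return eval(code, env)                          # same environment as the caller

    env["eval"] = sandbox_eval          # the only eval that sandboxed code can reach
    return sandbox_eval

def is_rejected(run, source):
    """True if the verifier refuses `source`."""
    try:
        run(source)
    except VerificationError:
        return True
    return False

if __name__ == "__main__":
    run = make_sandbox({"len": len, "abs": abs})        # constructed capability set
    print(run("len('abc') + abs(-2)"))
    print(run("eval('len(\"hi\")')"))
    print(is_rejected(run, "eval('().__class__.__bases__')"))
```

Because the sandboxed `eval` is itself the wrapped one, code produced at run time passes through the same verifier and sees the same capability set as the code that called it.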


