[sldev] Scripting projects priority survey

[John Hurliman]

On Wed, Jun 25, 2008 at 5:26 AM, Bruce Tong <tongb at ohio.edu> wrote:

>
> ...
>
> I've not put a lot of thought into this, but might there be some
> undesirable exploits if people are able to upload their own
> compilations? I guess I'm wondering if folks might be able to get
> outside of what I assume is an isolated or protected runtime
> environment and find data to which they should not have? I'm
> completely ignorant of the runtime environment of scripts, so these
> are probably unjustified concerns.
>
> --
> Bruce Tong
> Software Engineer
> Office of Information Technology
> Ohio University


The idea is to run code in a sandbox using a customized version of Mono
(open source implementation of the .NET runtime/framework). To do anything
clever in any language you need functions that let you do clever things. For
example, peeking at memory you shouldn't see requires a function that lets
you look at memory, or a pointer that you can manipulate to point outside
where it should see. The sandbox removes all unsafe code (unsafe in this
context meaning code marked with the unsafe keyword which gives you access
to pointers) and is not compiled with any framework except for LL's API. You
end up with something that is no less secure than the original LSL language,
but you're coding in a more refined syntax that compiles to a common
instruction set.

For reference, the "Rooting the CLR" presentation is talking about using
full security .NET apps to patch the CLR at runtime. An important talk, but
not applicable to sandboxed runtimes.


John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/sldev/attachments/20080625/96682bbf/attachment.htm