All geek questions in one place

Resolution topics

The server creates a new thread in threadpool. This thread reads some things into the buffer and so on, and after that some code is executed. I would like to protect myself by changing the resolution of the stream to a lower one, to this code, which may be unsafe (or this behavior may be changed ... by hacking, etc.)

I am going to (ha ... but almost do not know) to create a kind of "sandbox" for this insecure code in the stream. (Perhaps for a UNIX-like OS, because I have no idea how to do this for Windows).

Any ideas on how to change the resolution on topics? (I use the Boost library). And would it be great if it were possible to determine the boundaries of memory usage? (Something like - if a thread tries to use more than 1 MB of stack / heap - something is wrong - kill it).

And one more thing :) - if I use chroot inside the stream, I change the root directory. for the whole application?

Thank you for the attention.

+3
source share
1 answer

It is not possible to manage the rights to the threads of native code on Unix or Windows - at least not without breaking the kernel. The hardware “ring” mechanism (at least x86) was designed to do something like this: you should release the thread into a less privileged ring. However, none of the operating systems supports user mode for this. chroot in the chroot thread the whole process.

, , , - , . mmap . , , .

+7

Source: https://habr.com/ru/post/1726654/

More articles:


All Articles