Reputation: 24767
I have a situation in which my (C#) application can load external DLLs (not written by me) and execute code from those libraries. The libraries can be C# or CPP.
I need to make sure this external code won't access any files in my local file system (read and write) except from a specific folder.
How can I do that?
Upvotes: 3
Views: 2238
Reputation: 46080
Take a look at Molebox, maybe it will fit your needs. Molebox lets you wrap modules to sandbox them.
Upvotes: 0
Reputation: 97848
I've seen third-party code that does this; for example, Jint lets you write JavaScript scripts that manipulate CLR objects, but it prevents any JavaScript-originated code paths from accessing the filesystem, Reflection, etc. by using permissions.
You can read Jint's documentation and poke through their source code for more details, but the essence of it seems to be this:
using System.Security;
using System.Security.Permissions;

PermissionSet myPermissionSet = new PermissionSet(PermissionState.None);
// or some other permission set, depending on your requirements
try {
    myPermissionSet.PermitOnly();   // only the permissions in the set are granted to frames below this one
    // run untrusted code
} finally {
    CodeAccessPermission.RevertPermitOnly();   // must be called from the same frame that called PermitOnly
}
A lot of things I've read say you need to create a sandboxed AppDomain (something I've never had much success with), but Jint's approach seems to work pretty well. You might have to watch out for the third-party code hooking static events that would fire later, though -- then they could escape the PermitOnly scope.
Upvotes: 1
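As an added example (not code from any of the answers above), this wires the PermitOnly pattern to a FileIOPermission for a single folder and shows an access outside that folder failing with SecurityException. It assumes .NET Framework (on .NET Core / .NET 5+ these CAS calls throw PlatformNotSupportedException) and uses a hypothetical temp sub-folder as the allowed location; PermitOnly only restricts frames below it on the current thread, so code that runs later from a static event, as the answer warns, is not covered by it.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

// Added example, not from the original answers. Assumes .NET Framework, where
// CAS stack-walk modifiers such as PermitOnly are enforced.
static class FolderSandbox
{
    // Runs `untrusted` with file I/O limited to `allowedFolder`, plus the
    // bare Execution permission needed for any managed code to run at all.
    public static void RunRestricted(string allowedFolder, Action untrusted)
    {
        var allowed = new PermissionSet(PermissionState.None);
        allowed.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        allowed.AddPermission(new FileIOPermission(
            FileIOPermissionAccess.Read | FileIOPermissionAccess.Write,
            Path.GetFullPath(allowedFolder)));   // FileIOPermission requires an absolute path

        allowed.PermitOnly();          // everything below this frame gets only `allowed`
        try
        {
            untrusted();               // e.g. a method resolved from the external DLL
        }
        finally
        {
            CodeAccessPermission.RevertPermitOnly();   // same frame as PermitOnly
        }
    }

    static void Main()
    {
        // Hypothetical allowed folder; paths are computed outside the restricted region
        // because Path.GetTempPath itself demands EnvironmentPermission.
        string sandboxDir = Path.Combine(Path.GetTempPath(), "sandbox-demo");
        string outsideFile = Path.Combine(Path.GetTempPath(), "outside.txt");
        Directory.CreateDirectory(sandboxDir);

        // Inside the folder: the Write demand made by File.WriteAllText is satisfied.
        RunRestricted(sandboxDir, () =>
            File.WriteAllText(Path.Combine(sandboxDir, "ok.txt"), "allowed"));

        // Outside the folder: the Read demand fails the stack walk at the PermitOnly frame.
        try
        {
            RunRestricted(sandboxDir, () => File.ReadAllText(outsideFile));
            Console.WriteLine("unexpected: read outside the folder succeeded");
        }
        catch (SecurityException)
        {
            Console.WriteLine("blocked: access outside the sandbox folder");
        }
    }
}
```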
Reputation:
It depends on your framework, but you can use Caspol (Code Access Security Policy) up to .NET 3.5 (and I think C++ DLLs also) to specify security privileges including IO access.
Hope that helps :)
Upvotes: 0
Reputation: 6236
Secure the files through the OS facilities (filesystem privs), create an account that can access only those files, and use this account to run the application.
Upvotes: 0
Reputation: 9494
Run the application as a restricted user account and only grant the user access to that specific folder.
Upvotes: 0