Sandboxing an application

[JP]

Hi Guys,

I am about to start developing a C# application to be distributed
widely on the internet. The computers that are going to install this
application are not directly associated with our organization, but
they are lending computing power to our grid application.

I want to make sure that the application that we send out is as secure
as possible! Therefore I would like to know how to sandbox an
application (sandboxing in the sense used by Google Chrome for
containing an application in a seperate memory and disk space, so it
can't interact with the rest of the operating system).

All I need to do is the following:

1) Download and save a file that describes the task at hand for the
client application.
2) Do my math calculations.
3) At preset intervals save the progress of the calculations to a
binary file on disk.
4) Upload the result of the calculations done.
5) Save some configuration parameters.

Thus the application should not be allowed to interact with any other
applications or the rest of the operating system in any way.

How can I achieve this?

Thanks in advance,
JP

 

[Pavel Minaev]

Hi Guys,

I am about to start developing a C# application to be distributed
widely on the internet. The computers that are going to install this
application are not directly associated with our organization, but
they are lending computing power to our grid application.

I want to make sure that the application that we send out is as secure
as possible! Therefore I would like to know how to sandbox an
application (sandboxing in the sense used by Google Chrome for
containing an application in a seperate memory and disk space, so it
can't interact with the rest of the operating system).

All I need to do is the following:

1) Download and save a file that describes the task at hand for the
client application.
2) Do my math calculations.
3) At preset intervals save the progress of the calculations to a
binary file on disk.
4) Upload the result of the calculations done.
5) Save some configuration parameters.

Thus the application should not be allowed to interact with any other
applications or the rest of the operating system in any way.

How can I achieve this?

The simplest and yet the most secure way - and this is regardless of
the type of application (.NET or not), is to run the application under
a special-purpose user account, created just for it, that has strictly
the permissions that the application needs granted explicitly, and
nothing else. You can make the installer for your application set up
such a user account, and configure your binary to launch under that
account. That's really all there is to it.

The tricky part of what Chrome (and IE8) do is that they also have
parts of the application which need full access to the system (well,
not full, but as much as the user has) - so that you can e.g. save a
webpage to any folder user has access to. So they have one process
running under a limited account, which does most things, another
process running under the user account interacting with the user and
accessing resources as needed (such as showing the Save As dialog,
browsing through folders, and creating the file), and then some sort
of communication between those processes so that the sandboxed one can
transfer the data that needs to be saved. For your case, it doesn't
seem that you have such scenarios here, so it should be much easier
with just a single sandboxed process.

 

[JP]

Thanks Pavel! That does answer my question!

/jp