![]() If you don’t spend all day keeping up with the Windows API, you’re probably missing something. I am constantly surprised to find out about new things I didn’t know were added, or old things I never knew were there. I know a lot about Windows programming - I’ve been doing it for thirty years now - but I assure you I still barely know anything relative to the full scope of the API. One unfortunate aspect of the massive Windows API is that honestly, I just don’t know what’s in it. ![]() That’s the best case you can hope for in a sandboxed process. Literally all the code can do is write to the preallocated memory, so 100% of the security attack surface would be back in the parent process, when it inspects the memory (since presumably it has to do that, otherwise why did it bother running the process). These processes could execute arbitrary compiled WASM/Javascript/whatever, and there’d be no need for any security checks whatsoever in the compiled code. This seems like the perfect security sandbox API for an OS to provide to the application layer. A base pointer to whatever this memory is would presumably be passed in the lpParameter of the CreateRemoteThread call(s). ![]() Since these threads can’t make system calls, they would not be able to do anything at all other than read and write from memory that has been VirtualAllocEx’d or MapViewOfFile3’d by the parent process. You would then be expected to VirtualAllocEx or MapViewOfFile3 some memory inside that process, write the code you want to execute into that memory, and then call CreateRemoteThread to start some threads executing in the process. It would be prevented from having any DLLs mapped into it whatsoever - loaded, injected or otherwise. This would instruct the kernel to create a blank process, with literally nothing in it, and without the ability to make any syscalls at all. If I were working on platform security, the very first thing I would add is a call like this: HANDLE SandboxedProcess = CreateZeroProcess() They call dozens of Windows functions to create somewhat-sandboxed separate processes for running browser pages, thus reducing the chances malicious code can directly access system functions.ĭespite years of incrementally adding additional calls, flags, and parameters that restrict Windows processes, the Windows kernel still - for reasons I do not understand - doesn’t provide a way to create a process that can’t make any system calls at all (or rather, can only make one very specific kind of syscall, as I’ll discuss later). To do this on Windows, programs like Chrome go through extraordinary lengths. which is a benefit in its own right.One of the things everyone wants to do nowadays is run untrusted code in a secure environment. While it's not as versatile as setting up a VM with whatever settings you want, Windows Sandbox is extremely easy to use for anyone. It's just a clean copy of your operating system, which is isolated from the rest of your files so everything stays safe. Everything is set up automatically, and the operating system inside Windows Sandbox is the same you're currently using. Unlike a traditional VM, however, Windows Sandbox doesn't need to you to provide an ISO file, a virtual hard disk, or anything. This can be downloading a potentially dangerous piece of software or testing your own software that you're developing, which might cause issues with your system. Windows Sandbox relies on virtualization technology, the same kind of technology that powers Hyper-V virtual machines (VMs), to create an isolated environment for you to test software in. However, there's third-party software like Sandboxie that achieves a similar purpose. It's only available for Pro and Enterprise editions, however, so there's a good chance your PC doesn't support it. Windows Sandbox is a feature introduced with Windows 10 version 1903, and it has been a part of Windows ever since. SCROLL TO CONTINUE WITH CONTENT What is Windows Sandbox?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |