Jump to content

Plug-ins: built-in control on their range of activities

Baby Astronaut

By Baby Astronaut
in Computer Science

 Share

Recommended Posts

Baby Astronaut

Baby Astronaut

Posted
Posted

If you program a software, can you limit how much freedom any plug-ins would have on the computer system?

 

For example, let's say you programmed a book reader, an image editor, or a font creator, and it lets the user import any plug-ins for expanding its capabilities. Would you be able to limit the plug-in to a certain environment, like forbidding it access to the internet, critical system folders, or anything you think of? Can you sandbox it to affect only saved user files and only those within the install folder of your program (or a specified folder)?

 

Basically, if your program is a trusted and dependable software, can you ensure the plug-ins will be as secure?

khaled

khaled

Posted
Posted

There are 3 main approaches to this:

 

1. The software limit any plug-in from the inside using it constrained regulations of use, this depends on how you program the plug-in manager ...

 

2. The software has a plug-in container thread, which is programmed, contain any plug-in, and limits it use, and it has low priority inside the system !

 

3. you sand-box the whole OS, including all ports, ..etc

  • 4 weeks later...
Baby Astronaut

Baby Astronaut

Posted
  • Author
Posted

There are 3 main approaches to this:

 

1. The software limit any plug-in from the inside using it constrained regulations of use, this depends on how you program the plug-in manager ...

 

2. The software has a plug-in container thread, which is programmed, contain any plug-in, and limits it use, and it has low priority inside the system !

 

3. you sand-box the whole OS, including all ports, ..etc

Thank you.

 

1. Seems to address what I'm looking for. So the OP is possible?

 

2. What's a container/thread? It sounds like a good and simple way to ensure the security of plug-ins.

 

3. How do you accomplish that?

khaled

khaled

Posted
Posted

Thank you.

 

1. Seems to address what I'm looking for. So the OP is possible?

 

2. What's a container/thread? It sounds like a good and simple way to ensure the security of plug-ins.

 

3. How do you accomplish that?

 

1. You have to program the plug-in manager

 

2. it's a thread that works aside from your program, async communicates with it, to manage the use of plug-ins

-- it's simply a simple thread, which is programmed to give authorization for any action related to plug-ins, it checks

-- if it's valid action for current permissions, then it either give OK, or DENY

 

3. this is really too hard for one to program, usually security companies such as Norton and McAfee make

-- their sandboxing software, there are some open-source sandbox software that you can check

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.