Java – SecurityManager for a cloud service “sandbox”
All,
I am designing a cloud-based service that will provide the option to execute some "plug-in" code submitted by customers. To do this, plug-ins cannot threaten system integrity or have the ability to access other clients' data.
Ideally, I want the client to submit a simple jar file (containing classes that conform to some predefined interfaces) and run it in the sandbox.
Client code should be allowed:
- CPU time required on a single thread
- Perform any calculations using standard Java classes such as java.lang.Math, java.util.Random, etc.
- Call any libraries bundled in the jar (subject to the same restrictions)
But I especially need to prohibit the following:
- Generate new threads (so that server resources can be managed fairly!)
- Any access to the file system / IO / network
- Any access to native code
- Any access to data in the JVM other than data passed to / created by client code
- Any reflective access to classes other than those in the sandbox jar
- Calling methods on objects outside the sandbox, except for the standard Java library
Can I use a custom ClassLoader / SecurityManager setup to do this? Or do I need to start looking for more complex solutions (such as starting multiple JVMs)?
Solution
Resources cannot be managed and restricted in Java. You can prevent malicious code from accessing system resources (disk / network, etc.) or the JVM itself, but:
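As an added illustration of the custom ClassLoader / SecurityManager approach the question asks about (example code written for this page, not the asker's or the answerer's), the sketch below gives plug-in classes an empty permission set, keeps host code trusted, and blocks thread creation from plug-in frames; the names PluginSandbox, PluginLoader, HostPolicy and NoPluginThreads are hypothetical. It assumes a JDK where the SecurityManager still exists: it is deprecated for removal since JDK 17 (JEP 411), needs -Djava.security.manager=allow on JDK 18+, and is permanently disabled in JDK 24 (JEP 486).

```java
import java.net.URL;
import java.net.URLClassLoader;
import java.security.*;
import java.util.concurrent.*;

/** Hypothetical host-side sandbox: host code keeps every permission, plug-in classes get none. */
public final class PluginSandbox {
    /** Loads the customer jar; classes it defines get an empty permission set.
     *  The parent is the host loader so the plug-in can see the predefined interfaces. */
    static final class PluginLoader extends URLClassLoader {
        PluginLoader(URL jar) { super(new URL[] {jar}, PluginSandbox.class.getClassLoader()); }
        @Override protected PermissionCollection getPermissions(CodeSource cs) { return new Permissions(); }
    }

    /** Deny-by-default policy: FilePermission, SocketPermission, ReflectPermission,
     *  RuntimePermission("loadLibrary.*") and the rest all fail for plug-in classes. */
    static final class HostPolicy extends Policy {
        @Override public boolean implies(ProtectionDomain pd, Permission p) {
            return !(pd.getClassLoader() instanceof PluginLoader);
        }
    }

    /** Thread creation has no permission of its own; Thread's constructor calls
     *  checkAccess(ThreadGroup), so refuse it whenever plug-in code is on the call stack. */
    static final class NoPluginThreads extends SecurityManager {
        @Override public void checkAccess(ThreadGroup g) {
            for (Class<?> frame : getClassContext()) {
                if (frame.getClassLoader() instanceof PluginLoader)
                    throw new SecurityException("plug-in code may not create threads");
            }
        }
    }
    /** Install once at startup; JDK 18+ also needs -Djava.security.manager=allow. */
    public static void install() {
        Policy.setPolicy(new HostPolicy());
        System.setSecurityManager(new NoPluginThreads());
    }

    /** Run the plug-in on one host-owned worker under a wall-clock cap; CPU time
     *  itself cannot be metered or limited from inside the JVM. */
    public static <T> T run(Callable<T> plugin, long seconds) throws Exception {
        ExecutorService worker = Executors.newSingleThreadExecutor();
        try {
            return worker.submit(plugin).get(seconds, TimeUnit.SECONDS);
        } finally {
            worker.shutdownNow();
        }
    }
}
```

The wall-clock timeout only interrupts the worker; a plug-in that ignores interruption keeps burning CPU, which is exactly the resource limit the answer says cannot be enforced from within a single JVM.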