I want to create a thread or process that would have its own virtual address space (it would probably have to be a separate process) without system libraries in the address space. My goal is to create an execution environment for foreign origin code.

I would like to create a thread with no system libraries, just a few executable pages where the user's code would be copied and the thread entry point would be placed, and also a few RW pages for the stack and data exchange with the main thread.

Is it possible to completely unmap all system libraries on Windows (or possibly Linux) from virtual memory from the application level?

Sebi
  • What are you trying to achieve? How do you prevent the code from doing system calls by itself? (without using shared system libraries) – mensi Apr 21 '12 at 11:12
  • Yes, I want to completely separate the code from the machine and only give it access to a given memory region. I completely forgot about system interrupts... This is also a problem and has to be disabled somehow. – Sebi Apr 21 '12 at 11:25

2 Answers

Unmapping system libraries will not prevent the binary from performing system calls by itself. To catch all operations which you are trying to prevent, some form of binary translation is necessary. You might want to have a look at libdetox and fastBT (Google Tech Talk about fastBT).

mensi
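
The point in the answer above, that unmapping libraries does not stop system calls, shown as an added example (not code from the thread): on Linux a system call is a single CPU instruction, so the stub below reaches the kernel without any libc wrapper. The function names are hypothetical, and Linux on x86-64 or AArch64 with GCC or Clang is assumed; libc appears only to cross-check the results.

```c
/* Added example. Assumes Linux on x86-64 or AArch64, GCC or Clang. */
#include <string.h>
#include <sys/syscall.h>  /* SYS_* numbers only (constants, no code) */
#include <unistd.h>       /* libc used solely to cross-check results */

/* Enter the kernel directly: no libc wrapper, no shared-library code. */
static long raw_syscall3(long nr, long a, long b, long c)
{
#if defined(__x86_64__)
    long ret;
    __asm__ volatile ("syscall"
                      : "=a"(ret)
                      : "a"(nr), "D"(a), "S"(b), "d"(c)
                      : "rcx", "r11", "memory");
    return ret;
#elif defined(__aarch64__)
    register long x8 __asm__("x8") = nr;
    register long x0 __asm__("x0") = a;
    register long x1 __asm__("x1") = b;
    register long x2 __asm__("x2") = c;
    __asm__ volatile ("svc #0" : "+r"(x0)
                      : "r"(x8), "r"(x1), "r"(x2) : "memory");
    return x0;
#else
#error "example covers x86-64 and AArch64 only"
#endif
}

/* 1 if the PID obtained through the raw stub equals libc's getpid(). */
int raw_getpid_matches_libc(void)
{
    return raw_syscall3(SYS_getpid, 0, 0, 0) == (long)getpid();
}

/* 1 if bytes written through the raw stub come back out of a pipe. */
int raw_write_reaches_kernel(void)
{
    static const char msg[] = "constructed sample";
    char buf[sizeof msg] = {0};
    int fds[2];
    if (pipe(fds) != 0) return 0;
    long n = raw_syscall3(SYS_write, fds[1], (long)msg, (long)sizeof msg);
    if (n != (long)sizeof msg) { close(fds[0]); close(fds[1]); return 0; }
    long r = (long)read(fds[0], buf, sizeof buf);
    close(fds[0]); close(fds[1]);
    return r == n && memcmp(buf, msg, sizeof msg) == 0;
}

int main(void) { return !(raw_getpid_matches_libc() && raw_write_reaches_kernel()); }
```

Because the kernel entry is an instruction rather than a library call, confinement has to be enforced at the instruction or kernel boundary, which is what the binary translation and virtualization suggestions in the answers do.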

Depending on what you want to achieve, it might be easier to run the foreign code within a User-Mode Linux, qemu, VMware or other virtualization solution (using a fresh copy of the virtual hard disk for each run, not providing any network interfaces, etc.).

Daniel Roethlisberger