.NET CEF wrapper with sandbox support


Postby maciejpiwowarczyk » Wed Apr 05, 2017 5:35 am

I'm looking for a .NET CEF wrapper that supports sandboxing. Unfortunately none of the main projects mentioned on the External Projects page support that (CefSharp, CefGlue, ChromiumFX). I've also looked into projects for other languages and it seems that they also do not support sandboxing.
I see that requirements for sandboxing are:
// To enable the sandbox on Windows the following requirements must be met:
// 1. Use the same executable for the browser process and all sub-processes.
// 2. Link the executable with the cef_sandbox static library.
// 3. Call the cef_sandbox_info_create() function from within the executable
// (not from a separate DLL) and pass the resulting pointer into both the
// CefExecuteProcess() and CefInitialize() functions via the
// |windows_sandbox_info| parameter.

As far as I understand it, these restrictions mean that if you want to use sandboxing from .NET you need to implement some kind of interprocess communication with an application written purely in C/C++ that embeds CEF.
Do I understand it correctly? Is there such an application that I could integrate?
Maybe there are so many limitations related to this approach that from a practical point of view it is not sensible to implement it this way.
I'm not an expert on CEF so any help will be appreciated. I'm trying to find an existing project that will allow me to include CEF in a .NET application with sandbox support, or if no such project exists I'm trying to assess how hard it is to implement it.
maciejpiwowarczyk
Newbie
 
Posts: 3
Joined: Wed Apr 05, 2017 5:32 am

Re: .NET CEF wrapper with sandbox support

Postby fddima » Wed Apr 05, 2017 10:56 am

The solution is to create a native process which will host the CLR inside (by utilizing the CLR Hosting Interfaces).
fddima
Master
 
Posts: 788
Joined: Tue Dec 07, 2010 6:10 am

Re: .NET CEF wrapper with sandbox support

Postby fddima » Wed Apr 05, 2017 10:58 am

The question has already been asked, here, but the user doesn't share/provide their own feedback.
fddima
Master
 
Posts: 788
Joined: Tue Dec 07, 2010 6:10 am

Re: .NET CEF wrapper with sandbox support

Postby maciejpiwowarczyk » Thu Apr 06, 2017 5:03 am

Thank you very much for your answer. I have heard about this solution before. However, I don't understand why it is required. By doing this I understand that the Broker process and the Sandbox process will have .NET running inside, but I don't know where to go from there. I also want to assess how hard it could be, since none of the projects implement it and from my perspective sandboxing is quite an important security feature.
I'm still thinking about some generic Broker process that starts Sandbox processes and exposes a communication interface through IPC. Have you heard about such a project? Is it even feasible to implement? That would give the most generic solution that does not depend on any particular language or runtime (be it C# or Java).
If you could give me some insights on what the challenges are I will be very grateful.
maciejpiwowarczyk
Newbie
 
Posts: 3
Joined: Wed Apr 05, 2017 5:32 am

Re: .NET CEF wrapper with sandbox support

Postby fddima » Thu Apr 06, 2017 6:22 am

If you implement IPC and use native CEF then yes, you can have a sandboxed browser. But in that case there is no place for .NET inside the browser and your initial question loses any sense.

The need to be a native process for the sandbox comes from the sandbox library implementation: you should link it to your exe, which can't be done without CLR hosting.

A technique like the one you are describing, i.e. having a Broker which runs and controls Browser process(es), is sometimes used to breach some embedding limitations. But I believe that a really generic solution makes no sense: making remote access to the whole CEF API is counter-effective (all calls should be marshalled -> performance loss). Creating a specialized API is more efficient. But this makes sense regardless of .NET or the sandbox.

As for security: it also depends on the situation.
1. If your application runs known pages (i.e. own/trusted content) - then the sandbox can be safely disabled.
2. If you crawl random untrusted content, then having the sandbox can be a good addition. But for these cases you can always start the browser as a special restricted user and rely only on OS security (and a modern OS like W10+ is preferable for its unique security features). This is not equal, but can be enough. In the end, the sandbox doesn't save you from security holes in the browser process, so at some point you rely on OS security anyway.
fddima
Master
 
Posts: 788
Joined: Tue Dec 07, 2010 6:10 am

Re: .NET CEF wrapper with sandbox support

Postby maciejpiwowarczyk » Fri Apr 07, 2017 2:49 am

Thank you for the explanation.
I have one more question - for example, in the case of Xilium.CefGlue, if I'm able to start my .NET application through CLR hosting and statically link the sandbox library, will it require implementing major changes in Xilium.CefGlue in order for sandboxing to work, or will it require only minor changes? I'm trying to understand whether this requires some completely different approach than the existing wrappers are using, or whether the major challenge is CLR hosting and once that is achieved the rest should work just fine and I can use existing libraries.
maciejpiwowarczyk
Newbie
 
Posts: 3
Joined: Wed Apr 05, 2017 5:32 am

Re: .NET CEF wrapper with sandbox support

Postby fddima » Fri Apr 07, 2017 6:28 am

maciejpiwowarczyk wrote:
Thank you for the explanation.
I have one more question - for example, in the case of Xilium.CefGlue, if I'm able to start my .NET application through CLR hosting and statically link the sandbox library, will it require implementing major changes in Xilium.CefGlue in order for sandboxing to work, or will it require only minor changes? I'm trying to understand whether this requires some completely different approach than the existing wrappers are using, or whether the major challenge is CLR hosting and once that is achieved the rest should work just fine and I can use existing libraries.


Normally it should not require any changes (of course you should pass the real sandbox info instead of IntPtr.Zero in 2-3 major calls).
fddima
Master
 
Posts: 788
Joined: Tue Dec 07, 2010 6:10 am
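
A sketch of the managed side of the approach discussed in this thread, added here as an example; it is not code from the thread or from the Xilium.CefGlue project. It assumes a native executable linked with cef_sandbox that calls cef_sandbox_info_create(), hosts the CLR, and invokes this method through ICLRRuntimeHost::ExecuteInDefaultAppDomain; `HostedApp`, `HostedEntry`, `Run` and the hex-string hand-off of the pointer are hypothetical choices.

```csharp
using System;
using System.Globalization;
using Xilium.CefGlue;

// Hypothetical names (HostedApp, HostedEntry, Run); not part of CefGlue.
internal sealed class HostedApp : CefApp { }

public static class HostedEntry
{
    // ExecuteInDefaultAppDomain can only call "static int Name(string)", so the
    // native host is assumed to pass the cef_sandbox_info_create() result as hex.
    public static int Run(string sandboxInfoHex)
    {
        // Fail closed: never fall back to IntPtr.Zero (which means "no sandbox").
        if (!TryParsePointer(sandboxInfoHex, out IntPtr sandboxInfo))
            return 2;

        CefRuntime.Load();
        var mainArgs = new CefMainArgs(Environment.GetCommandLineArgs());
        var app = new HostedApp();

        // The same executable is used for sub-processes; they finish here.
        int exitCode = CefRuntime.ExecuteProcess(mainArgs, app, sandboxInfo);
        if (exitCode != -1)
            return exitCode;

        // Browser process: same pointer again, and the sandbox left enabled.
        var settings = new CefSettings { NoSandbox = false };
        CefRuntime.Initialize(mainArgs, settings, app, sandboxInfo);
        try
        {
            // Create browser windows here as the application normally would.
            CefRuntime.RunMessageLoop();
        }
        finally
        {
            CefRuntime.Shutdown();
        }
        return 0;
    }

    internal static bool TryParsePointer(string hex, out IntPtr value)
    {
        value = IntPtr.Zero;
        if (string.IsNullOrWhiteSpace(hex)) return false;
        if (hex.StartsWith("0x", StringComparison.OrdinalIgnoreCase)) hex = hex.Substring(2);
        if (!long.TryParse(hex, NumberStyles.AllowHexSpecifier,
                           CultureInfo.InvariantCulture, out long raw) || raw == 0)
            return false;
        value = IntPtr.Size == 8 ? new IntPtr(raw) : new IntPtr(unchecked((int)raw));
        return true;
    }
}
```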

