The main task is isolating the program from the operating system, as Sandboxie does, but I need the program to execute code in the real OS. For example: a program running in the sandbox shows a MessageBox, and the sandbox itself shows this MessageBox in the real OS. Is it possible to implement this in C#? Does anyone know which articles to read, or have links to source code?
- Your question is too general for SO. You can read, for example, here: habr.com/ru/en/post/434138 - AK ♦
- Can you just run a virtual machine on a remote or just a remote machine? - Vitaliy Shebanits
- No, I need to run the program in a virtual environment and run it in a real OS. - Cooller Floyd
1 answer
In .NET, applications run within so-called application domains. Application isolation is performed at this level.
Each application domain has permissions that can be restricted. A sandbox in terms of .NET means that your application creates a new domain with limited rights and runs the potentially dangerous code there.
You can limit the assemblies that can be loaded, you can limit the folder on the disk accessible to the application (it will not be able to read and write files in other folders), and so on.
The topic is actually extensive and will require studying a large number of materials. You can start here. For creating domains, see the CreateDomain method at the link, especially the overload that allows you to set domain parameters.
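
The restricted domain described in the answer above, as an added example that is not part of the original answer: a .NET Framework console program that creates an application domain with an explicit grant set and runs a worker in it. It assumes .NET Framework (sandboxed `AppDomain.CreateDomain` is not available on .NET Core or .NET 5+); `SandboxedWorker`, the `sandbox-data` folder and the sample files are hypothetical names constructed for the illustration.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

// Runs inside the restricted domain; the host calls it through a remoting proxy.
public sealed class SandboxedWorker : MarshalByRefObject
{
    public string TryRead(string path)
    {
        try { return "read " + File.ReadAllText(path).Length + " chars"; }
        catch (SecurityException) { return "denied by sandbox"; }
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data: one file inside the allowed folder, one outside it.
        string allowedDir = Path.Combine(Path.GetTempPath(), "sandbox-data");
        Directory.CreateDirectory(allowedDir);
        string inside = Path.Combine(allowedDir, "input.txt");
        string outside = Path.Combine(Path.GetTempPath(), "outside.txt");
        File.WriteAllText(inside, "constructed sample input");
        File.WriteAllText(outside, "not reachable from the sandbox");

        // Start from an empty grant set and add only what the code needs.
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        grant.AddPermission(new FileIOPermission(
            FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery, allowedDir));

        // Point the domain at the allowed folder, not at the host's own directory.
        var setup = new AppDomainSetup { ApplicationBase = allowedDir };
        AppDomain sandbox = AppDomain.CreateDomain("Sandbox", null, setup, grant);
        try
        {
            // Load this assembly into the sandbox; it receives only the grant set above.
            var handle = Activator.CreateInstanceFrom(
                sandbox, typeof(SandboxedWorker).Assembly.Location,
                typeof(SandboxedWorker).FullName);
            var worker = (SandboxedWorker)handle.Unwrap();
            Console.WriteLine(worker.TryRead(inside));
            Console.WriteLine(worker.TryRead(outside));
        }
        finally { AppDomain.Unload(sandbox); }
    }
}
```

Microsoft's documentation advises against relying on Code Access Security as a security boundary for untrusted code, so for hostile code combine this with OS-level isolation such as a separate low-privilege process or a virtual machine.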