Sandboxed Plugin architecture
https://stackoverflow.com/questions/7505151
-
25-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
I was googling and searching SO for plugin architecture and I'm satisfied by general knowledge on how to implement it. Now I went further to look for a sandboxed architecture. Basically what I mean is an application with plugin whereby crashing in plugin won't crash the whole app and the plugin can be reloaded. I cannot find good documentation. I know Firefox implements it (crashing flash plugin does not affect whole FF thing and can be reloaded) Thanks!
Solução
The only way you can have a truly sandboxed architecture wherein a plug-in cannot directly crash the parent application's process or corrupt its memory is by placing it into a separate OS process, with a separate memory space. When doing this, you will need to rely on interprocess communication facilities of the OS (pipes, sockets, remote procedure calls, memory mapped files, shared memory, synchronization objects, etc.) to interact with the plug-in.
Outras dicas
Google's native client technology may be more thorough than what you were looking for, but it might be worth a read.
