MaulingMonkey / firehazard

Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.

Research: Child sandbox IPC #14

Closed MaulingMonkey closed 2 years ago

MaulingMonkey commented 2 years ago

Basic anonymous 1-way pipes are usable for basic IPC. Named pipes would add the option of message framing, potentially improving recovery from (de)serialization errors (and potentially allowing multithreaded pipe reads?). I believe I read somewhere that anonymous pipes are really just system-named pipes under the hood, so this isn't a particularly onerous jump in API exposure.

Sandbox debugger examples already use ReadProcessMemory as well in order to read debug string events. N.B. ReadProcessMemory is not a preferred IPC mechanism however. Perhaps not entirely cancerous for an OS-like parent process, but worth avoiding for a sufficiently paranoid security-minded sandboxer, which is probably half the reason you're interested in this crate/repository/code.

Related reading:

Closing for now: while there's more to potentially research on an as-needed basis, basic pipes seem like the straightforward basic answer.
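The recovery property the comment attributes to message framing can also be had in userland on top of a plain byte-stream (anonymous) pipe. The following is an added example, not code from firehazard: a length-prefixed framing layer with a size cap so an untrusted sandboxed child cannot force a huge allocation, plus a reader that drops a malformed message and resumes at the next frame boundary instead of losing sync with the whole stream. The `req:` message format is a hypothetical stand-in for whatever (de)serialization the parent actually uses.

```rust
use std::io::{self, Read, Write};

/// Cap on one frame: a sandboxed child must not be able to make the parent
/// allocate arbitrary memory by sending a bogus length prefix.
pub const MAX_FRAME: u32 = 64 * 1024;

/// Write one frame: 4-byte little-endian length, then the payload.
pub fn write_frame<W: Write>(w: &mut W, payload: &[u8]) -> io::Result<()> {
    if payload.len() > MAX_FRAME as usize {
        return Err(io::Error::new(io::ErrorKind::InvalidInput, "payload too large"));
    }
    w.write_all(&(payload.len() as u32).to_le_bytes())?;
    w.write_all(payload)
}

/// Read one frame. `Ok(None)` is clean EOF at a frame boundary; a truncated
/// frame or oversized length is an error, since the stream can't be trusted after it.
pub fn read_frame<R: Read>(r: &mut R) -> io::Result<Option<Vec<u8>>> {
    let mut hdr = [0u8; 4];
    match r.read_exact(&mut hdr) {
        Ok(()) => {}
        Err(e) if e.kind() == io::ErrorKind::UnexpectedEof => return Ok(None),
        Err(e) => return Err(e),
    }
    let len = u32::from_le_bytes(hdr);
    if len > MAX_FRAME {
        return Err(io::Error::new(io::ErrorKind::InvalidData, "frame exceeds MAX_FRAME"));
    }
    let mut buf = vec![0u8; len as usize];
    r.read_exact(&mut buf)?;
    Ok(Some(buf))
}

/// Hypothetical message format for this demo: UTF-8 text starting with "req:".
fn decode_message(frame: &[u8]) -> Option<String> {
    std::str::from_utf8(frame).ok()?.strip_prefix("req:").map(str::to_owned)
}

/// Drain a framed stream, returning (accepted requests, rejected frame count).
/// Since frame boundaries are known, a malformed message is dropped and reading
/// resumes at the next frame instead of the whole stream desynchronising.
pub fn drain_requests<R: Read>(r: &mut R) -> io::Result<(Vec<String>, usize)> {
    let (mut ok, mut bad) = (Vec::new(), 0usize);
    while let Some(frame) = read_frame(r)? {
        match decode_message(&frame) { Some(m) => ok.push(m), None => bad += 1 }
    }
    Ok((ok, bad))
}
```

In the parent, `r` would be the child's piped stdout (or the read end of a pipe passed to the child); here the tests feed it an in-memory buffer so the example runs offline.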