CN109325345A - Method and apparatus for running third party code in sandbox environment - Google Patents
Method and apparatus for running third party code in sandbox environment Download PDFInfo
- Publication number
- CN109325345A CN109325345A CN201811108552.9A CN201811108552A CN109325345A CN 109325345 A CN109325345 A CN 109325345A CN 201811108552 A CN201811108552 A CN 201811108552A CN 109325345 A CN109325345 A CN 109325345A
- Authority
- CN
- China
- Prior art keywords
- server
- environment
- party code
- mark
- sandbox environment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Abstract
The embodiment of the present application discloses the method and apparatus for running third party code in sandbox environment.One specific embodiment of this method includes: to obtain the mark of virtual interface in response to detecting that third party code calls the virtual interface of the isolated operation type in sandbox environment at runtime;The call request for calling target interface corresponding with mark is sent to the second server of deployment host environment, first server is physically separated with second server;Receive the called call result obtained later of target interface corresponding with mark that second server returns.The embodiment can control effectively to the safety of third party code.
Description
Technical field
The invention relates to field of computer technology, and in particular to for running third party code in sandbox environment
Method and apparatus.
Background technique
With the continuous development of mobile Internet, (refer to that those possess huge user in face of some super mobile applications
Number, the base application of similar " installation is indispensable " etc.) status of main flow entrance is occupied, many middle-size and small-size applications start towards class
The form of light application (or small routine) goes to make the transition.
Using similar, they have a host environment by class light application (Lite Application) technology and Web.It compares
It is browser in the host environment of Web application, the host environment of class light application is generally some super application (for example, wechat, hundred
Degree etc.).In the operational process of class light application, host environment provides some necessary abilities (for example, dialing electricity for class light application
Talk about, adjusted camera, short message reading record, sent network request etc.), class light application may not need the realization for paying close attention to these logics
Mode does not need the bottom architecture for being concerned about host environment yet.Class light application has the characteristics that search and use immediately, and user is not necessarily to will be related
The locally downloading preservation of code, realizing the second to a certain extent searches the experience that the second opens, and receiving user will be widely welcomed.
However, since class light application is usually from third party (for example, medium-sized and small enterprises, individual developer etc.), rather than place
Primary climate oneself provides, and therefore, if including malicious code in class light application, is likely to bring security risk to host environment.
Summary of the invention
The embodiment of the present application proposes the method and apparatus for running third party code in sandbox environment.
In a first aspect, the embodiment of the present application provides a kind of method for running third party code in sandbox environment,
Applied to the first server of deployment sandbox environment, this method comprises: in response to detecting that third party code calls at runtime
The virtual interface of isolated operation type in sandbox environment, obtains the mark of virtual interface;To the second clothes of deployment host environment
Business device sends the call request for calling target interface corresponding with mark, and first server is physically separated with second server;
Receive the called call result obtained later of target interface corresponding with mark that second server returns.
In some embodiments, virtual interface is identical as the method for calling of corresponding target interface.
In some embodiments, this method further include: in response to not receiving call result within a preset period of time, again
Call request is sent to second server.
In some embodiments, this method further include: in response to detecting that third party code calls sandbox ring at runtime
The target interface of non-isolated action type in border, calls directly the target interface of non-isolated action type.
In some embodiments, before detecting third party code, this method further include: receive that developer submits will be
The third party code run in host environment, third party code is deployed in sandbox environment.
Second aspect, the embodiment of the present application provide a kind of method for running third party code in sandbox environment,
Applied to the second server of deployment host environment, this method comprises: what the first server for receiving deployment sandbox environment was sent
Call request, call request include virtually connecing for the isolated operation type in the sandbox environment that third party code calls at runtime
The mark of mouth, first server are physically separated with second server;It determines and identifies corresponding target interface;Determined by calling
Target interface, and obtained call result is returned into first server.
In some embodiments, second server corresponds to multiple first servers, method further include: uses asynchronous mechanism
Handle the call request received.
In some embodiments, this method further include: in response to being received within a preset period of time more than preset quantity
Part call request in the call request received is forwarded to its of deployment host environment by the call request of computation-intensive
His server.
The third aspect, the embodiment of the present application provide a kind of device for the operation third party code in sandbox environment,
Applied to the first server of deployment sandbox environment, which includes: mark acquiring unit, is configured in response to detect the
Tripartite's code calls the virtual interface of the isolated operation type in sandbox environment at runtime, obtains the mark of virtual interface;Please
Transmission unit is sought, is configured to send the tune for calling target interface corresponding with mark to the second server of deployment host environment
With request, first server is physically separated with second server;As a result receiving unit is configured to receive second server and returns
The call result obtained after the target interface corresponding with mark returned is called.
In some embodiments, virtual interface is identical as the method for calling of corresponding target interface.
In some embodiments, device further include: retransmit unit, be configured in response within a preset period of time
Call result is not received, sends call request to second server again.
In some embodiments, device further include: interface call unit is configured in response to detect third party's generation
Code calls the target interface of the non-isolated action type in sandbox environment at runtime, calls directly the mesh of non-isolated action type
Tag splice mouth.
In some embodiments, device further include: code deployment unit, be configured to receive developer's submission will be
The third party code run in host environment, third party code is deployed in sandbox environment.
Fourth aspect, the embodiment of the present application provide a kind of device for the operation third party code in sandbox environment,
Applied to the second server of deployment host environment, which includes: request reception unit, is configured to receive deployment sandbox ring
The call request that the first server in border is sent, call request includes in the sandbox environment that third party code calls at runtime
The mark of the virtual interface of isolated operation type, first server are physically separated with second server;Interface determination unit, quilt
It is configured to determine and identifies corresponding target interface;Return unit is called, is configured to call identified target interface, and will
Obtained call result returns to first server.
In some embodiments, second server corresponds to multiple first servers, the device further include: asynchronous process list
Member is configured to handle the call request received using asynchronous mechanism.
In some embodiments, device further include: request retransmission unit is configured in response within a preset period of time
The call request more than preset quantity computation-intensive is received, the part call request in the call request received is turned
It is dealt into other servers of deployment host environment.
5th aspect, the embodiment of the present application provide a kind of electronic equipment, comprising: one or more processors;Storage dress
It sets, is stored thereon with one or more programs;When one or more programs are executed by one or more processors so that one or
Multiple processors realize method or realization such as any realization side in second aspect as described in implementation any in first aspect
The method of formula description.
6th aspect, the embodiment of the present application provide a kind of computer-readable medium, are stored thereon with computer program, should
The method as described in implementation any in first aspect is realized when computer program is executed by processor or realizes such as second party
The method of any implementation description in face.
Method and apparatus provided by the embodiments of the present application for running third party code in sandbox environment, by examining
Survey the mark that virtual interface is obtained when third party code calls the virtual interface of the isolated operation type in sandbox environment at runtime
Know, the rear second server to deployment host environment send the request for calling corresponding with mark target interface, finally receive
The call result that second server returns, control effectively so as to the safety to third party code.
Detailed description of the invention
By reading a detailed description of non-restrictive embodiments in the light of the attached drawings below, the application's is other
Feature, objects and advantages will become more apparent upon:
Fig. 1 is to can be applied to exemplary system architecture figure therein according to one embodiment of the application;
Fig. 2 is the stream according to one embodiment of the method for running third party code in sandbox environment of the application
Cheng Tu;
Fig. 3 is an application scenarios according to the method for running third party code in sandbox environment of the application
Schematic diagram;
Fig. 4 is another embodiment according to the method for running third party code in sandbox environment of the application
Flow chart;
Fig. 5 is the knot according to one embodiment of the device for running third party code in sandbox environment of the application
Structure schematic diagram;
Fig. 6 is another embodiment according to the device for running third party code in sandbox environment of the application
Structural schematic diagram;
Fig. 7 is adapted for the structural schematic diagram for the computer system for realizing the electronic equipment of the embodiment of the present application.
Specific embodiment
The application is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated is used only for explaining related invention, rather than the restriction to the invention.It also should be noted that in order to
Convenient for description, part relevant to related invention is illustrated only in attached drawing.
It should be noted that in the absence of conflict, the features in the embodiments and the embodiments of the present application can phase
Mutually combination.The application is described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
Fig. 1 shows the method for being used to run third party code in sandbox environment that can apply the application or is used for
The exemplary system architecture 100 of the embodiment of the device of third party code is run in sandbox environment.
As shown in Figure 1, system architecture 100 may include first server 101, network 102 and second server 103.The
One server 101 is physically separated with second server 103 (for example, first server 101 and second server 103 distinguish position
In in different calculating equipment).Network 102 is to provide communication link between first server 101 and second server 103
Medium.Network 102 may include various connection types, such as wired, wireless communication link or fiber optic cables etc..
First server 101 can be to provide the server of various services, such as providing the server of sandbox environment.
The third party code that nonhost environment provides can be run in sandbox environment.It can be configured in sandbox environment and host environment
In real interface the identical virtual interface of method of calling.First server 101 can detecte third party code to virtually connecing
The calling of mouth.When first server 101 detects that third party code calls virtual interface, can be sent out to second server 103
The request of calling real interface corresponding with virtual interface is sent, and receives the result that second server 103 returns.
Second server 103 is also possible to provide the server of various services, such as providing the service of host environment
Device.The data such as the call request that second server 103 can send first server 101 are analyzed and processed (for example, determining
Corresponding real interface calls real interface to obtain call result), and processing result (such as call result) is returned into the first clothes
Business device 101.
It should be noted that the method provided by the embodiment of the present application for running third party code in sandbox environment
It can be executed, can also be executed by second server 103 by first server 101.Correspondingly, for being run in sandbox environment
The device of third party code can be set in first server 101, also can be set in second server 103.
It should be noted that first server 101 and second server 103 can be hardware, it is also possible to software.When
When one server 101 and second server 103 are hardware, the distributed server collection of multiple server compositions may be implemented into
Group, also may be implemented into individual server.When first server 101 and second server 103 are software, may be implemented into more
A software or software module (such as providing Distributed Services), also may be implemented into single software or software module.Herein
It is not specifically limited.
It should be understood that the number of first server, network and second server in Fig. 1 is only schematical.According to
It realizes and needs, can have first server, network and the second server of any suitable number.
With continued reference to Fig. 2, show according to the application for the method for operation third party code in sandbox environment
The process 200 of one embodiment.The method for being used to run third party code in sandbox environment, may comprise steps of:
Step 201, in response to detecting that third party code calls the isolated operation type in sandbox environment at runtime
Virtual interface obtains the mark of virtual interface.
In the present embodiment, sandbox environment can be deployed in first server (for example, first server 101 of Fig. 1),
Host environment can be deployed on second server (for example, second server 103 of Fig. 1).For being run in sandbox environment
The executing subject (for example, first server 101 of Fig. 1) of the method for third party code can detecte third party code at runtime
The virtual interface that action type is isolated in sandbox environment whether is called, and is detecting the above-mentioned virtual interface of third party code calling
When obtain virtual interface mark.Here, third party code can be the code of nonhost environment offer (for example, class is gently answered
With).
Here, first server is physically separated with second server.Use virtualization technology by a physics for example, working as
When mainframe virtualization is more fictitious host computers, first server and second server can be located on different physical hosts, from
And it may be implemented to physically separate, and then further avoid influence of the third party code to host environment.
Sandbox (Sandbox), also referred to as sandbox or sand table refer to a kind of virtual technology in computer field.Its basic principle
It is: according to the real running environment of computer program, a virtual running environment is created, when some program attempts to play a role
When, first it can be allowed to run in sandbox, program in sandbox caused by all changes true running environment will not be caused
Any influence.Sandboxing often should in computer safety field, such as using sandbox computer virus feature is studied,
Or it is insincere for some sources, have destructive power or can not decision procedure be intended to program test run environment etc. is provided.
In the present embodiment, sandbox environment can be restricted secure operating environment, for providing third party code
Running environment.The simulation to host environment may be implemented in sandbox environment.Specifically, sandbox environment can be configured with isolated operation class
The virtual interface of type, each virtual interface can correspond to a target interface of host environment, for example, each virtual interface
Mark can be identical as the mark of one of target interface.The corresponding target interface of virtual interface can be can be to host's ring
The interface that border impacts.
In some optional implementations of the present embodiment, virtual interface and corresponding target interface tune having the same
Use mode.For example, virtual interface and corresponding target interface calling path having the same, call parameters etc., but do not have
The function of standby target interface.The effect of virtual interface is that third party code is allowed to think that oneself really has invoked target interface.One
As for, since third party code perception is less than oneself operating in host environment or in sandbox environment, for the
What is called for tripartite's code is the target interface in host environment, and what is actually called is virtually connecing in sandbox environment
Mouthful, security risk is brought to host environment so as to avoid third party code.
In some optional implementations of the present embodiment, this is used to run the side of third party code in sandbox environment
Method can also include: in response to detecting that third party code calls the virtual of the isolated operation type in sandbox environment at runtime
Interface obtains the call parameters of virtual interface.The implementation can be adapted for the virtual interface for needing Transfer Parameters.
Step 202, the calling for calling target interface corresponding with mark is sent to the second server of deployment host environment
Request.
In the present embodiment, above-mentioned executing subject can send call request to second server, so as to second server
It determines target interface corresponding with the mark that step 201 obtains in host environment, and calls the target interface.
Step 203, the called calling obtained later of target interface corresponding with mark that second server returns is received
As a result.
In the present embodiment, above-mentioned executing subject can receive the target interface corresponding with mark of second server return
The call result obtained after called is (and by the call result received return third party code, to complete third party
The interface calling procedure of code).
It is provided in this embodiment for being transported in sandbox environment compared with running third party code directly in host environment
The method of row third party code can effectively completely cut off the running environment of third party code with host environment, so as to avoid
Host environment is influenced when tripartite's code calling interface.
In addition, in the related technology by carrying out aptitude checking (for example, the stronger enterprise of public credibility is added white to developer
List) ensure the safety of third party code, even if but the code submitted of developer in white list can not avoid existing
Loophole, to will affect host environment.And in this application, even if there are loophole, use provided in this embodiment for third party code
In the method for running third party code in sandbox environment security risk can also be brought to host environment to avoid third party code.
In addition, compared with the third party code that manual examination and verification developer submits, it is provided in this embodiment in sandbox ring
The method that third party code is run in border can reduce the cost of labor of audit code, accelerate the online progress of third party code.
In some optional implementations of the present embodiment, this is used to run the side of third party code in sandbox environment
Method can also include: to send to call to second server again and ask in response to not receiving call result within a preset period of time
It asks.
For third party code when calling virtual interface, the first server for disposing sandbox environment will be with deployment host environment
Second server once communicated.In order to ensure communicating successfully, retry mechanism can be set in each communication.This realization
In mode, retransmit by setting time-out time (that is, preset time period) may insure to communicate successfully every time.
Optionally, different time-out times different interfaces can be arranged, so as to avoid third party developer couple
The setting of interface time of return is wrong and causes repeatedly to send call request.
In some optional implementations of the present embodiment, this is used to run the side of third party code in sandbox environment
Method can also include: in response to detecting that third party code calls the mesh of the non-isolated action type in sandbox environment at runtime
Tag splice mouth calls directly the target interface of non-isolated action type.Here, the target interface of non-isolated action type can refer to
Confirmation will not be to the interface that host environment impacts.As an example, the target interface of non-isolated action type can be acquisition
The interface of present system time.By calling directly the target interface of non-isolated action type, on the one hand reduce sandbox environment
On the other hand call duration time between host environment also reduces the request pressure of second server.
In some optional implementations of the present embodiment, before detecting third party code, this is used in sandbox ring
The method that third party code is run in border can also include: the third party to run in host environment for receiving developer and submitting
Third party code is deployed in sandbox environment by code.
With continued reference to Fig. 3, it illustrates the methods for running third party code in sandbox environment according to the application
An application scenarios.In the application scenarios 300 of Fig. 3, class light application " XX bicycle " 301 (that is, third party code) is deployed in
In sandbox environment, host operates in host environment using " X letter " 303.Sandbox environment and host environment are deployed in each other respectively
In physically-isolated first server and second server.Virtual interface 302 in sandbox environment realizes in host environment
The method of calling of the interface (for example, the interface for obtaining friend information) of isolated operation type.First server is detecting that class is light
When calling the virtual interface 302 for obtaining friend information using 301, the mark of the virtual interface 302 is obtained.Later, to the second clothes
Business device sends call request, identifies corresponding target interface to call.Then, in host environment corresponding target interface (that is,
Obtain the real interface of friend information) be called receives the call result (for example, friend information) that second server returns later.
Finally, the call result is returned to class light application 301.
The method provided by the above embodiment for running third party code in sandbox environment of the application, by examining
Survey the mark that virtual interface is obtained when third party code calls the virtual interface of the isolated operation type in sandbox environment at runtime
Know, the rear second server to deployment host environment send the request for calling corresponding with mark target interface, finally receive
The call result that second server returns, control effectively so as to the safety to third party code.
With further reference to Fig. 4, it illustrates the sides for the operation third party code in sandbox environment according to the application
The process 400 of another embodiment of method.The method for being used to run third party code in sandbox environment, may include following
Step:
Step 401, the call request that the first server of deployment sandbox environment is sent is received.
In the present embodiment, sandbox environment can be deployed in first server (for example, first server 101 of Fig. 1),
Host environment can be deployed on second server (for example, second server 103 of Fig. 1).For being run in sandbox environment
The executing subject (for example, second server 103 of Fig. 1) of the method for third party code can receive the tune of first server transmission
With request.Wherein, call request includes the mark of virtual interface.The mark can be first server and detect third party's generation
The mark of the virtual interface obtained when the virtual interface for the isolated operation type in sandbox environment that code calls at runtime.This
In, first server is physically separated with second server, and third party code can be the code (example of nonhost environment offer
Such as, class light application).
Step 402, it determines and identifies corresponding target interface.
In the present embodiment, above-mentioned executing subject can determine corresponding with the received mark of step 401 in host environment
Target interface (for example, the interface for obtaining friend information).Here, target interface corresponding with the mark of virtual interface for example can be with
It is target interface identical with the mark of virtual interface.
Step 403, target interface determined by calling, and obtained call result is returned into first server.
In the present embodiment, the target interface that above-mentioned executing subject can be determined with invocation step 402, the tune that then will be obtained
First server is returned with result (for example, friend information), and then returns to third party code, to realize third party code
Interface calling procedure.
It is provided in this embodiment for being transported in sandbox environment compared with running third party code directly in host environment
The method of row third party code can effectively completely cut off the running environment of third party code with host environment, so as to avoid
Host environment is influenced when tripartite's code calling interface.
In some optional implementations of the present embodiment, second server can correspond to multiple first servers.
That is, a host environment can correspond to multiple sandbox environments.That is, second server can receive multiple first services
The call request of device.Corresponding to the implementation, which can also be wrapped
It includes: handling the call request received, using asynchronous mechanism so as to ensure to block mutually between call request.
In some optional implementations of the present embodiment, host environment can also be deployed in other second servers
On (for example, second server other than current executing subject).Corresponding to the implementation, this is used to run in sandbox environment
The method of third party code can also include: to count in response to receiving in preset time period (such as 1s) more than preset quantity
Calculate intensive call request (for example, call request that on-line training is carried out to machine learning model), the tune that will be received
Other second servers are forwarded to the part call request in request.By the way that host environment is deployed in multiple second servers
On, and be transmitted to when some second server frequently receives the task of computation-intensive in shorter time period other
Two servers thereby may be ensured that equably sharing request pressure, ensure that the request timing of sandbox environment is correct.
The method provided by the above embodiment for running third party code in sandbox environment of the application, passes through reception
The call request that the first server of sandbox environment is sent is disposed, later the determining mark with call request in host environment
Corresponding target interface, last invocation target interface and by obtained call result return first server, so as to right
The safety of third party code control effectively.
With further reference to Fig. 5, as the realization to method shown in Fig. 2, this application provides one kind in sandbox environment
One embodiment of the device of middle operation third party code, the Installation practice is corresponding with embodiment of the method shown in Fig. 2, should
Device specifically can be applied in the first server of deployment sandbox environment.
As shown in figure 5, the device 500 for running third party code in sandbox environment of the present embodiment may include mark
Know acquiring unit 501, request transmitting unit 502 and result receiving unit 503.Wherein, mark acquiring unit 501 is configured to ring
Ying Yu detects that third party code calls the virtual interface of the isolated operation type in sandbox environment at runtime, and acquisition virtually connects
The mark of mouth;Request transmitting unit 502 is configured to send calling to the second server of deployment host environment corresponding with mark
Target interface call request, the first server and second server for disposing sandbox environment physically separate;And result connects
Receive the called calling obtained later of target interface corresponding with mark that unit 503 is configured to receive second server return
As a result.
In the present embodiment, sandbox environment can be deployed in first server (for example, first server 101 of Fig. 1),
Host environment can be deployed on second server (for example, second server 103 of Fig. 1).For being run in sandbox environment
The above-mentioned mark acquiring unit 501 of the device 500 of third party code can detecte whether third party code calls sand at runtime
The virtual interface of action type is isolated in box environment, and is obtained virtually when detecting that third party code calls above-mentioned virtual interface
The mark of interface.Here, third party code can be the code (for example, class light application) of nonhost environment offer.First service
Device is physically separated with second server.For example, when one physical host is virtually turned to more virtually using virtualization technology
When host, first server and second server can be located on different physical hosts.
In some optional implementations of the present embodiment, virtual interface and corresponding target interface tune having the same
Use mode.For example, virtual interface and corresponding target interface calling path having the same, call parameters etc., but do not have
The function of standby target interface.The effect of virtual interface is that third party code is allowed to think that oneself really has invoked target interface.One
As for, since third party code perception is less than oneself operating in host environment or in sandbox environment, for the
What is called for tripartite's code is the target interface in host environment, and what is actually called is virtually connecing in sandbox environment
Mouthful, security risk is brought to host environment so as to avoid third party code.
In some optional implementations of the present embodiment, above-mentioned mark acquiring unit 501 can be additionally configured to ring
Ying Yu detects that third party code calls the virtual interface of the isolated operation type in sandbox environment at runtime, and acquisition virtually connects
The call parameters of mouth.The implementation can be adapted for the virtual interface for needing Transfer Parameters.
In the present embodiment, above-mentioned request transmitting unit 502 can send call request to second server, so as to second
Server determines target interface corresponding with the mark that above-mentioned mark acquiring unit 501 obtains in host environment, and calls the mesh
Tag splice mouth.
In the present embodiment, the above results receiving unit 503 can receive the corresponding with mark of second server return
The call result obtained after target interface is called is (and by the call result received return third party code, thus complete
At the interface calling procedure of third party code).
It is provided in this embodiment for being transported in sandbox environment compared with running third party code directly in host environment
The method of row third party code can effectively completely cut off the running environment of third party code with host environment, so as to avoid
Host environment is influenced when tripartite's code calling interface.
In some optional implementations of the present embodiment, which can also include retransmitting unit.Its
In, above-mentioned retransmission unit is configured in response to not receive call result within a preset period of time, again to the second clothes
Business device sends call request.
Optionally, different time-out times different interfaces can be arranged, so as to avoid third party developer couple
The setting of interface time of return is wrong and causes repeatedly to send call request.
In some optional implementations of the present embodiment, which can also include interface call unit.Its
In, above-mentioned interface call unit be configured in response to detect third party code call at runtime in sandbox environment it is non-every
Target interface from action type calls directly the target interface of non-isolated action type.Here, the mesh of non-isolated action type
Tag splice mouth can refer to that confirmation will not be to the interface that host environment impacts.
In some optional implementations of the present embodiment, which can also include code deployment unit.Its
In, above-mentioned code deployment unit is configured to receive the third party code of developer's submission to run in host environment, will
Third party code is deployed in sandbox environment.
The application's is provided by the above embodiment for running the device of third party code in sandbox environment, by examining
Survey the mark that virtual interface is obtained when third party code calls the virtual interface of the isolated operation type in sandbox environment at runtime
Know, the rear second server to deployment host environment send the request for calling corresponding with mark target interface, finally receive
The call result that second server returns, control effectively so as to the safety to third party code.
With further reference to Fig. 6, as the realization to method shown in Fig. 4, this application provides one kind in sandbox environment
Another embodiment of the device of middle operation third party code, the Installation practice is corresponding with embodiment of the method shown in Fig. 4,
The device specifically can be applied in the second server of deployment host environment.
As shown in fig. 6, the device 600 for running third party code in sandbox environment of the present embodiment includes that request connects
It receives unit 601, interface determination unit 602 and calls return unit 603.Wherein, request reception unit 601 is configured to receiving unit
The call request that the first server of sandbox environment is sent is affixed one's name to, call request includes the sandbox that third party code calls at runtime
The mark of the virtual interface of isolated operation type in environment, the second server physics of first server and deployment host environment
Ground isolation;Interface determination unit 602 is configured to determine the corresponding target interface of mark;And return unit 603 is called to be configured
First server is returned at target interface determined by calling, and by obtained call result.
In the present embodiment, sandbox environment deployment can in first server (for example, first server 101 of Fig. 1),
Host environment can be deployed on second server (for example, second server 103 of Fig. 1).For being run in sandbox environment
The above-mentioned request reception unit 601 of the device 600 of third party code can receive the call request of first server transmission.Its
In, call request includes the mark of virtual interface.The mark can be first server and detect that third party code running
When the sandbox environment that calls in isolated operation type virtual interface when the mark of virtual interface that obtains.Here, the first clothes
Business device is physically separated with second server, and third party code can be the code of nonhost environment offer (for example, class is gently answered
With).
In the present embodiment, above-mentioned interface determination unit 602 can determine in host environment with above-mentioned request reception unit
The 601 corresponding target interfaces of received mark (for example, the interface for obtaining friend information).Here, with the mark pair of virtual interface
The target interface answered for example can be target interface identical with the mark of virtual interface.
In the present embodiment, the target that above-mentioned calling return unit 603 can call above-mentioned interface determination unit 602 to determine
Obtained call result (for example, friend information) is then returned to first server, and then returns to third party code by interface,
To realize the interface calling procedure of third party code.
It is provided in this embodiment for being transported in sandbox environment compared with running third party code directly in host environment
The method of row third party code can effectively completely cut off the running environment of third party code with host environment, so as to avoid
Host environment is influenced when tripartite's code calling interface.
In some optional implementations of the present embodiment, second server can correspond to multiple first servers.
That is, a host environment can correspond to multiple sandbox environments.That is, second server can receive multiple first services
The call request of device.Corresponding to the implementation, which can be with
Including asynchronous process unit.Wherein, above-mentioned asynchronous process unit is configured to ask using the calling that asynchronous mechanism processing receives
It asks, so as to ensure to block mutually between call request.
In some optional implementations of the present embodiment, host environment can also be deployed in other second servers
On (for example, second server other than current executing subject).Corresponding to the implementation, this is used to run in sandbox environment
The device 600 of third party code can also include request retransmission unit.Wherein, above-mentioned request retransmission unit is configured in response to
The call request more than preset quantity computation-intensive is received (for example, will be to machine in preset time period (such as 1s)
The call request of learning model progress on-line training), the part call request in the call request received is forwarded to deployment
Other servers of host environment.By the way that host environment is deployed on multiple second servers, and in some second service
Device is transmitted to other second servers when frequently receiving the task of computation-intensive in shorter time period, thereby may be ensured that
Equably sharing request pressure ensures that the request timing of sandbox environment is correct.
The application's is provided by the above embodiment for running the device of third party code in sandbox environment, passes through reception
The call request that the first server of sandbox environment is sent is disposed, later the determining mark with call request in host environment
Corresponding target interface, last invocation target interface and by obtained call result return first server, so as to right
The safety of third party code control effectively.
Below with reference to Fig. 7, it is (such as shown in FIG. 1 that it illustrates the electronic equipments for being suitable for being used to realize the embodiment of the present application
First server 101 or second server 103) computer system 700 structural schematic diagram.Electronic equipment shown in Fig. 7 is only
Only an example, should not function to the embodiment of the present application and use scope bring any restrictions.
As shown in fig. 7, computer system 700 includes one or more central processing unit (CPU) 701, it can basis
The program that is stored in read-only memory (ROM) 702 is loaded into random access storage device (RAM) 703 from storage section 708
In program and execute various movements appropriate and processing.In RAM 703, be also stored with system 700 operate it is required various
Program and data.CPU 701, ROM 702 and RAM 703 are connected with each other by bus 704.Input/output (I/O) interface
705 are also connected to bus 704.
I/O interface 705 is connected to lower component: the importation 706 including mouse, keyboard etc.;Including such as organic hair
The output par, c 707 of optical diode (OLED) display, liquid crystal display (LCD) etc. and loudspeaker etc.;Including hard disk etc.
Storage section 708;And the communications portion 709 of the network interface card including LAN card, modem etc..Communications portion
709 execute communication process via the network of such as internet.Driver 710 is also connected to I/O interface 705 as needed.It is removable
Medium 711, such as disk, CD, magneto-optic disk, semiconductor memory etc. are unloaded, is mounted on driver 710 as needed, with
Convenient for being mounted into storage section 708 as needed from the computer program read thereon.
Particularly, in accordance with an embodiment of the present disclosure, it may be implemented as computer above with reference to the process of flow chart description
Software program.For example, embodiment of the disclosure includes a kind of computer program product comprising be carried on computer-readable medium
On computer program, which includes the program code for method shown in execution flow chart.In such reality
It applies in example, which can be downloaded and installed from network by communications portion 709, and/or from detachable media
711 are mounted.When the computer program is executed by central processing unit (CPU) 701, execute in the method for the embodiment of the present application
The above-mentioned function of limiting.
It should be noted that computer-readable medium described herein can be computer-readable signal media or meter
Calculation machine readable storage medium storing program for executing either the two any combination.Computer readable storage medium for example can be --- but not
Be limited to --- electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor system, device or device, or any above combination.Meter
The more specific example of calculation machine readable storage medium storing program for executing can include but is not limited to: have the electrical connection, just of one or more conducting wires
Taking formula computer disk, hard disk, random access storage device (RAM), read-only memory (ROM), erasable type may be programmed read-only storage
Device (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), light storage device, magnetic memory device,
Or above-mentioned any appropriate combination.In this application, computer readable storage medium can be it is any include or storage journey
The tangible medium of sequence, the program can be commanded execution system, device or device use or in connection.And at this
In application, computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but unlimited
In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can
Any computer-readable medium other than storage medium is read, which can send, propagates or transmit and be used for
By the use of instruction execution system, device or device or program in connection.Include on computer-readable medium
Program code can transmit with any suitable medium, including but not limited to: wireless, electric wire, optical cable, RF etc. are above-mentioned
Any appropriate combination.
The operation for executing the embodiment of the present application can be write with one or more programming languages or combinations thereof
Computer program code, described program design language include object oriented program language-such as Java,
Smalltalk, C++ further include conventional procedural programming language-such as " C " language or similar program design language
Speech.Program code can be executed fully on the user computer, partly be executed on the user computer, as an independence
Software package execute, part on the user computer part execute on the remote computer or completely in remote computer or
It is executed on server.In situations involving remote computers, remote computer can pass through the network of any kind --- packet
It includes local area network (LAN) or wide area network (WAN)-is connected to subscriber computer, or, it may be connected to outer computer (such as benefit
It is connected with ISP by internet).
Flow chart and block diagram in attached drawing are illustrated according to the system of the various embodiments of the application, method and computer journey
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, program segment or code of table, a part of the module, program segment or code include one or more use
The executable instruction of the logic function as defined in realizing.It should also be noted that in some implementations as replacements, being marked in box
The function of note can also occur in a different order than that indicated in the drawings.For example, two boxes succeedingly indicated are actually
It can be basically executed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.Also it to infuse
Meaning, the combination of each box in block diagram and or flow chart and the box in block diagram and or flow chart can be with holding
The dedicated hardware based system of functions or operations as defined in row is realized, or can use specialized hardware and computer instruction
Combination realize.
Being described in unit involved in the embodiment of the present application can be realized by way of software, can also be by hard
The mode of part is realized.Described unit also can be set in the processor, for example, can be described as: a kind of processor packet
Include mark acquiring unit, request transmitting unit and result receiving unit.Wherein, the title of these units is not under certain conditions
The restriction to the unit itself is constituted, for example, mark acquiring unit is also described as " in response to detecting third party code
The virtual interface for calling the isolated operation type in sandbox environment at runtime, obtains the unit of the mark of virtual interface ".
As on the other hand, present invention also provides a kind of computer-readable medium, which be can be
Included in client or server described in above-described embodiment;Be also possible to individualism, and without be incorporated this first
In server or second server.Above-mentioned computer-readable medium carries one or more program, when said one or
When multiple programs are executed by the first server, so that the first server: in response to detecting third party code at runtime
The virtual interface for calling the isolated operation type in sandbox environment, obtains the mark of virtual interface;To the of deployment host environment
Two servers send the call request for calling corresponding with mark target interface, first server and second server physically every
From;Receive the called call result obtained later of target interface corresponding with mark that second server returns.When above-mentioned one
When a or multiple programs are executed by the second server, so that the second server: receiving the first clothes of deployment sandbox environment
The call request that business device is sent, call request includes the isolated operation class in the sandbox environment that third party code calls at runtime
The mark of the virtual interface of type, first server are physically separated with second server;It determines and identifies corresponding target interface;It adjusts
First server is returned with identified target interface, and by obtained call result.
Above description is only the preferred embodiment of the application and the explanation to institute's application technology principle.Those skilled in the art
Member is it should be appreciated that invention scope involved in the application, however it is not limited to technology made of the specific combination of above-mentioned technical characteristic
Scheme, while should also cover in the case where not departing from foregoing invention design, it is carried out by above-mentioned technical characteristic or its equivalent feature
Any combination and the other technical solutions formed.Such as features described above has similar function with (but being not limited to) disclosed herein
Can technical characteristic replaced mutually and the technical solution that is formed.
Claims (12)
1. a kind of method for running third party code in sandbox environment, applied to the first clothes for disposing the sandbox environment
Business device, which comprises
In response to detecting that the third party code calls the virtual of the isolated operation type in the sandbox environment at runtime
Interface obtains the mark of the virtual interface;
The call request for calling target interface corresponding with the mark is sent to the second server of deployment host environment, it is described
First server is physically separated with the second server;
Receive the called call result obtained later of target interface corresponding with the mark that the second server returns.
2. according to the method described in claim 1, wherein, the method for calling phase of the virtual interface and corresponding target interface
Together.
3. according to the method described in claim 1, wherein, the method also includes:
In response to not receiving the call result within a preset period of time, the calling is sent to the second server again
Request.
4. according to the method described in claim 1, wherein, the method also includes:
In response to detecting that the third party code calls the mesh of the non-isolated action type in the sandbox environment at runtime
Tag splice mouth calls directly the target interface of the non-isolated action type.
5. according to the method described in claim 1, wherein, before detecting the third party code, the method also includes:
The third party code to run in the host environment that developer submits is received, by the third party code portion
Administration is in the sandbox environment.
6. a kind of method for running third party code in sandbox environment, the second service applied to deployment host environment
Device, which comprises
The call request that the first server of deployment sandbox environment is sent is received, the call request includes the third party code
The mark of the virtual interface of isolated operation type in the sandbox environment called at runtime, first server and second clothes
Business device physically separates;
Determine the corresponding target interface of the mark;
Target interface determined by calling, and obtained call result is returned into first server.
7. according to the method described in claim 6, wherein, the second server corresponds to multiple first servers, the side
Method further include:
The call request received is handled using asynchronous mechanism.
8. according to the method described in claim 6, wherein, the method also includes:
In response to receiving the call request more than preset quantity computation-intensive within a preset period of time, the tune that will receive
Other servers for disposing the host environment are forwarded to the part call request in request.
9. it is a kind of for running the device of third party code in sandbox environment, applied to the first clothes for disposing the sandbox environment
Business device, described device include:
Mark acquiring unit is configured in response to detect that the third party code is called at runtime in the sandbox environment
Isolated operation type virtual interface, obtain the mark of the virtual interface;
Request transmitting unit is configured to send to the second server of deployment host environment and calls mesh corresponding with the mark
The call request of tag splice mouth, the first server are physically separated with the second server;
As a result receiving unit is configured to receive the target interface corresponding with the mark that the second server returns and is adjusted
With the call result obtained later.
10. a kind of second service for running the device of third party code in sandbox environment, applied to deployment host environment
Device, described device include:
Request reception unit is configured to receive and disposes the call request that the first server of the sandbox environment is sent, described
Call request includes virtually connecing for the isolated operation type in the sandbox environment that the third party code calls at runtime
The mark of mouth, the first server are physically separated with the second server;
Interface determination unit is configured to determine the corresponding target interface of the mark;
Return unit is called, is configured to call identified target interface, and obtained call result is returned to described the
One server.
11. a kind of electronic equipment, comprising:
One or more processors;
Storage device is stored thereon with one or more programs;
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
Now such as method as claimed in any one of claims 1 to 5, or method of the realization as described in any in claim 6-8.
12. a kind of computer-readable medium, is stored thereon with computer program, wherein real when described program is executed by processor
Now such as method as claimed in any one of claims 1 to 5, or method of the realization as described in any in claim 6-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811108552.9A CN109325345B (en) | 2018-09-21 | 2018-09-21 | Method and apparatus for running third party code in a sandbox environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811108552.9A CN109325345B (en) | 2018-09-21 | 2018-09-21 | Method and apparatus for running third party code in a sandbox environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109325345A true CN109325345A (en) | 2019-02-12 |
| CN109325345B CN109325345B (en) | 2022-10-28 |
Family
ID=65265766
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811108552.9A Active CN109325345B (en) | 2018-09-21 | 2018-09-21 | Method and apparatus for running third party code in a sandbox environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109325345B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111708646A (en) * | 2020-06-16 | 2020-09-25 | 中国建设银行股份有限公司 | Method, device and system for realizing front-end service platform and storage medium |
| WO2023087642A1 (en) * | 2021-11-19 | 2023-05-25 | 上海商汤智能科技有限公司 | User code running method and apparatus, and electronic device and storage medium |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102232217A (en) * | 2008-12-02 | 2011-11-02 | 微软公司 | Sandboxed execution of plug-ins |
| US20110296487A1 (en) * | 2010-05-28 | 2011-12-01 | Walsh Daniel J | Systems and methods for providing an fully functional isolated execution environment for accessing content |
| CN102436508A (en) * | 2011-12-28 | 2012-05-02 | 奇智软件(北京)有限公司 | Method and device for browsing webpage based on sandbox technique |
| CN103377349A (en) * | 2012-04-27 | 2013-10-30 | 美国博通公司 | Security controlled multi-processor system |
| CN103761139A (en) * | 2014-01-25 | 2014-04-30 | 湖南大学 | General purpose computation virtualization implementation method based on dynamic library interception |
| CN104184774A (en) * | 2013-05-24 | 2014-12-03 | 阿里巴巴集团控股有限公司 | Information processing method based on sandbox environment and system thereof |
| CN105095970A (en) * | 2014-04-25 | 2015-11-25 | 阿里巴巴集团控股有限公司 | Execution method and system of third-party application |
| CN106897611A (en) * | 2017-03-03 | 2017-06-27 | 金光 | Secure virtual mobile applications running environment system and method and application without root authority |
| CN108255708A (en) * | 2017-12-14 | 2018-07-06 | 海尔优家智能科技(北京)有限公司 | Method, apparatus, storage medium and the equipment of production file are accessed in test environment |
-
2018
- 2018-09-21 CN CN201811108552.9A patent/CN109325345B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102232217A (en) * | 2008-12-02 | 2011-11-02 | 微软公司 | Sandboxed execution of plug-ins |
| US20110296487A1 (en) * | 2010-05-28 | 2011-12-01 | Walsh Daniel J | Systems and methods for providing an fully functional isolated execution environment for accessing content |
| CN102436508A (en) * | 2011-12-28 | 2012-05-02 | 奇智软件(北京)有限公司 | Method and device for browsing webpage based on sandbox technique |
| CN103377349A (en) * | 2012-04-27 | 2013-10-30 | 美国博通公司 | Security controlled multi-processor system |
| CN104184774A (en) * | 2013-05-24 | 2014-12-03 | 阿里巴巴集团控股有限公司 | Information processing method based on sandbox environment and system thereof |
| CN103761139A (en) * | 2014-01-25 | 2014-04-30 | 湖南大学 | General purpose computation virtualization implementation method based on dynamic library interception |
| CN105095970A (en) * | 2014-04-25 | 2015-11-25 | 阿里巴巴集团控股有限公司 | Execution method and system of third-party application |
| CN106897611A (en) * | 2017-03-03 | 2017-06-27 | 金光 | Secure virtual mobile applications running environment system and method and application without root authority |
| CN108255708A (en) * | 2017-12-14 | 2018-07-06 | 海尔优家智能科技(北京)有限公司 | Method, apparatus, storage medium and the equipment of production file are accessed in test environment |
Non-Patent Citations (1)
| Title |
|---|
| 龙方网络: "微信支付开发之沙箱密钥步骤详解", 《HTTPS://WWW.YZLFXY.COM/JIAOCHENG/WEIXIN/266105.HTML》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111708646A (en) * | 2020-06-16 | 2020-09-25 | 中国建设银行股份有限公司 | Method, device and system for realizing front-end service platform and storage medium |
| WO2023087642A1 (en) * | 2021-11-19 | 2023-05-25 | 上海商汤智能科技有限公司 | User code running method and apparatus, and electronic device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109325345B (en) | 2022-10-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10917434B1 (en) | Systems and methods for AIDA based second chance | |
| US11734421B2 (en) | Systems and methods to detect and neutralize malware infected electronic communications | |
| CN104584480B (en) | Cloud assisted method for application safety verification and service | |
| CN108459953A (en) | test method and device | |
| CN105556919B (en) | Dual factor anthentication is carried out using service request bill | |
| US20190102237A1 (en) | Recommending applications based on call requests between applications | |
| CN109597677A (en) | Method and apparatus for handling information | |
| CN107423329A (en) | Information acquisition method and device | |
| US11726800B2 (en) | Remote component loader | |
| CN109582873A (en) | Method and apparatus for pushed information | |
| CN107634947A (en) | Limitation malice logs in or the method and apparatus of registration | |
| CN107465693A (en) | Request message treating method and apparatus | |
| CN108833510A (en) | Message treatment method and device | |
| CN110098998A (en) | Method and apparatus for handling information | |
| CN106465113A (en) | Venue-specific wi-fi connectivity notifications | |
| US20190026164A1 (en) | Method and system for invoking event-based package module | |
| CN109325345A (en) | Method and apparatus for running third party code in sandbox environment | |
| US9710575B2 (en) | Hybrid platform-dependent simulation interface | |
| RU2598988C2 (en) | Methods and systems for searching for application software | |
| CN108959102A (en) | Method and apparatus for generating test data, test application to be tested | |
| CN109299124A (en) | Method and apparatus for more new model | |
| CN110046000A (en) | Small routine operation method and device | |
| CN109889410A (en) | Test method, apparatus, agent equipment and the readable storage medium storing program for executing of business function | |
| CN107368339A (en) | Container entrance program operating method, system, equipment and storage medium | |
| CN107920019A (en) | Pay close attention to method and device, computer equipment and the storage medium of good friend |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |