Security implications of open CoreCLR (CoreRun.exe)
Completed on 05-Feb-2016 (26 days) -- Updated on 23-Nov-2016

Some of the conclusions of this project aren't applicable anymore.
To know more about all this, read "OVER-8-MONTH-LATER UPDATE" in the Open .NET & CoreCLR section.

Project 8 in full-screenProject 8 in PDF
Security analysis >
Possible solutions

As explained in the previous section, a CoreRun.exe-based threat is very unlikely to happen due to the associated difficulties. No real threat means no problem and, consequently, no solution is strictly required.

Nevertheless, the following ideas can further improve CoreRun.exe's security:
  • Constraining its utilisation even more. For example: being able to only deal with executables built on a specific .NET version or to only be run on certain Windows version.
  • Exclusively dealing with properly-identified .NET executables. They might be identified by forcing some of its defining features to meet specific conditions (e.g., including certain copyright reference or version).
  • Rather than releasing a standalone application and its source code, relying on a cloud-based approach. It might consist in a simple webpage accepting the given inputs (i.e., .NET executable and modified libraries) and delivering the final result (i.e., what is output by this executable when relying on the modified libraries).