Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / CLR / February 2005

Tip: Looking for answers? Try searching our database.

Compile assembly in runtime and execute in sandbox

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
JFN - 25 Feb 2005 23:04 GMT
Hello,

I'm trying to use C# as a script language for my .NET application.
Users able to write a method (say, Foo(Myclass parameter))
Then in run time I'm wrapping this method into namespace code, compile into
assembly signed with special key and execute.

Here is a problem - I'd like to apply some restrictions on user's code.
I.e. "Internet" set of permissions.

But it doesn't work. When I create code group for this special key, any
permission set besides "Full trust" gives me
"Security error". Even "Everything" set. I have "This policy level"
checkbox in Code Group properties dialog checked (if it not checked then
compiled assembly got all permissions from main application)
So, is it possible at all? Am I doing something wrong or may be just don't
understand something about security model?

Please, help!

Here is code snippet

      CodeDomProvider provider = new CSharpCodeProvider();
      ICodeCompiler compiler = provider.CreateCompiler();
      CompilerParameters compilerParams = new CompilerParameters();
      compilerParams.GenerateInMemory = false;
      compilerParams.ReferencedAssemblies.Add("System.dll");

compilerParams.ReferencedAssemblies.Add(Path.Combine(Application.StartupPath
, "MyCompany.MyFramework.dll"));

      string code = "[assembly: AssemblyKeyName(\"MyKey\")]";
      code += myNamespaceAndMethodText;

      CompilerResults results =
compiler.CompileAssemblyFromSource(compilerParams, code);
      object o = results.CompiledAssembly.CreateInstance("MyClass", true);

//this is where Security exception throws:
      object retVal = o.GetType().InvokeMember("Foo", new object[]
{myClassInstance});

regards,
Ken
Reply to this Message
Henning Krause [MVP] - 26 Feb 2005 09:22 GMT
Hello,

I'm not very proficient on this topic, but I believe you should load the
newly created type into another app domain and execute it there.

The new app domain can be initialized with a custom set of evidence.

Greetings,
Henning Krause [MVP]
==========================
Visit my website: http://www.infinitec.de
Try my free Exchange Explorer: Mistaya
(http://www.infinitec.de/software/mistaya.aspx)

> Hello,
>
[quoted text clipped - 23 lines]
>        compilerParams.GenerateInMemory = false;
>        compilerParams.ReferencedAssemblies.Add("System.dll");

compilerParams.ReferencedAssemblies.Add(Path.Combine(Application.StartupPath
> , "MyCompany.MyFramework.dll"));
>
[quoted text clipped - 11 lines]
>  regards,
>  Ken
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.