Tech Off Thread

2 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

.Net 2.0, reflection, app domains, CAS

Back to Forum: Tech Off
  • User profile image

    OK, so... I've been wrestling with this for more evening than I would care to admit to, so time to reach out for help!

    I have WinForms app in .NET 2.0.  That app has a 'common' assembly which provides base classes for other 3rd party assemblies to inherit from.  I don't trust these other assemblies, so I want to reduce the access they have when I execute them (no file IO, registry access, etc).  To do this, I launch a new AppDomain, and pass it evidence from the main app, with the following:

    Protected Function GetSafeAppDomain() As AppDomain

    Dim setup As New AppDomainSetup()

    setup.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory

    Dim permissions As New Security.PermissionSet(Security.Permissions.PermissionState.None)

    Dim policyStatement As New System.Security.Policy.PolicyStatement(permissions)

    Dim appTrust As New ApplicationTrust()

    appTrust.DefaultGrantSet = policyStatement

    setup.ApplicationTrust = appTrust

    ' Set up the Evidence

    Dim baseEvidence As Evidence = AppDomain.CurrentDomain.Evidence

    Dim evidence As New Evidence(baseEvidence)

    ' Create the AppDomain

    Dim modulesDomain As AppDomain = AppDomain.CreateDomain("safeappdomain", evidence, setup)


    Return modulesDomain

    End Function

    Now, I think this is correct, although I haven't actually tested it properly yet.  So if it's wrong, please tell me.

    What's more interesting though, is when I try to load the assembly and execute one of it's methods, it fails saying it's unable to find the type of the base class.  What gives?

    I guess what I'm trying to do is very similar to terrarium, the animals inherit from the organism base, and run in an untrusted environment.

    If anyone can offer me some pointers on this, I'll buy you a beer!



  • User profile image

    For 2.0, a new overload of CreateDomain makes it even easier:

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.