Best evidence to offer a sandboxed appdomain for a C# evaluator.

Posted by scope-creep on Stack Overflow See other posts from Stack Overflow or by scope-creep
Published on 2010-05-10T21:55:06Z Indexed on 2010/05/10 22:14 UTC
Read the original article Hit count: 268

Filed under:
|
|

I have a c# evaluator which uses the (I think) the .Net 4 new simplified sandboxed appdomain model to host the c# assembly, with remoting doing the rest. The call to create the appdomain is

        Evidence ev = new Evidence();
        ev.AddHostEvidence(new Zone(SecurityZone.Trusted));
        PermissionSet pset = SecurityManager.GetStandardSandbox(ev);

        AppDomainSetup ads = new AppDomainSetup();
        ads.ApplicationBase = "C:\\Sandbox";

        // Create the sandboxed domain.
        AppDomain sandbox = AppDomain.CreateDomain(
           "Sandboxed Domain",
           ev,
           ads,
           pset,
           null);

The c# eval is embedded in a server app, but I don't want give the sandbox to much control unless it bo bo's the caller. What i'm looking for is regarding some clarification as to what to provide as Evidence from the caller. I'm looking for advice and guidance.

Any help would be appreciated.

© Stack Overflow or respective owner

Related posts about c#4.0

Related posts about appdomain