Creating a Sandboxed Instance
- by Ricardo Peres
In .NET 4.0 the policy APIs have changed a bit. Here's how you can create a sandboxed instance of a type, which must inherit from MarshalByRefObject:
static T CreateRestrictedType<T>(SecurityZone zone, params Assembly [] fullTrustAssemblies) where T : MarshalByRefObject, new()
{
return(CreateRestrictedType<T>(zone, fullTrustAssemblies, new IPermission [0]);
}
static T CreateRestrictedType<T>(SecurityZone zone, params IPermission [] additionalPermissions) where T : MarshalByRefObject, new()
{
return(CreateRestrictedType<T>(zone, new Assembly [0], additionalPermissions);
}
static T CreateRestrictedType<T>(SecurityZone zone, Assembly [] fullTrustAssemblies, IPermission [] additionalPermissions) where T : MarshalByRefObject, new()
{
Evidence evidence = new Evidence();
evidence.AddHostEvidence(new Zone(zone));
PermissionSet evidencePermissionSet = SecurityManager.GetStandardSandbox(evidence);
foreach (IPermission permission in additionalPermissions ?? new IPermission[ 0 ])
{
evidencePermissionSet.AddPermission(permission);
}
StrongName [] strongNames = (fullTrustAssemblies ?? new Assembly[0]).Select(a = a.Evidence.GetHostEvidence<StrongName>()).ToArray();
AppDomainSetup adSetup = new AppDomainSetup();
adSetup.ApplicationBase = Path.GetDirectoryName(typeof(T).Assembly.Location);
AppDomain newDomain = AppDomain.CreateDomain("Sandbox", evidence, adSetup, evidencePermissionSet, strongNames);
ObjectHandle handle = Activator.CreateInstanceFrom(newDomain, typeof(T).Assembly.ManifestModule.FullyQualifiedName, typeof(T).FullName);
return (handle.Unwrap() as T);
}
SyntaxHighlighter.config.clipboardSwf = 'http://alexgorbatchev.com/pub/sh/2.0.320/scripts/clipboard.swf';
SyntaxHighlighter.brushes.CSharp.aliases = ['c#', 'c-sharp', 'csharp'];
SyntaxHighlighter.all();