C# 需求是:<;PermissionSet类=";System.Security.PermissionSet“;版本=";1“;无限制=";“真的”/&燃气轮机;
我正在获取C# 需求是:<;PermissionSet类=";System.Security.PermissionSet“;版本=";1“;无限制=";“真的”/&燃气轮机;,c#,sandbox,appdomain,code-access-security,C#,Sandbox,Appdomain,Code Access Security,我正在获取System.Security.SecurityException当尝试创建具有以下限制权限的AppDomain时,需求是:: var permissionSet = new PermissionSet(PermissionState.None); permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery,
System.Security.SecurityException当尝试创建具有以下限制权限的AppDomain时,需求是:var permissionSet = new PermissionSet(PermissionState.None);
permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery, System.Reflection.Assembly.GetExecutingAssembly().Location));
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SerializationFormatter));
存根实例:
public interface IHostStub // Implemented by a MarshalByRefObject object in the primary AppDomain
{
void Ping();
void SayTime(DateTimeOffset time);
}
// In the restricted AppDomain
class Stub : MarshalByRefObject
{
public event EventHandler OnQuit;
public void RequestTime(IHostStub host)
{
host.SayTime(DateTimeOffset.Now);
}
public void Quit(IHostStub host)
{
if (this.OnQuit != null)
this.OnQuit(this, new EventArgs());
}
}
你能给我解释一下这个错误信息吗?也许我误解了无限制的意思。但将其设置为Unrestricted
似乎可以让应用程序域自由支配(正如我预期的那样),而不管我添加或不添加任何权限
谢谢
====
作为对@Nicole的回应,并在我完成这项工作时添加一些发现,下面是两个代码示例。这是一个棘手的场景-沙箱插件-需要太多的代码才能显示所有插件。第一个代码示例演示了异常。它有一个明显的修正,但它没有考虑到整个场景
class Program
{
static void Main(string[] args)
{
var currentAssembly = System.Reflection.Assembly.GetExecutingAssembly();
var permissionSet = new PermissionSet(PermissionState.None);
permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery, currentAssembly.Location));
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SerializationFormatter));
permissionSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));
var appDomain = AppDomain.CreateDomain(
"Sandboxed",
null,
new AppDomainSetup
{
ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase
},
permissionSet,
Assembly.GetExecutingAssembly().Evidence.GetHostEvidence<StrongName>());
try
{
var stub = (Stub)appDomain.CreateInstanceFromAndUnwrap(
currentAssembly.Location,
typeof(Stub).FullName);
}
catch (SecurityException ex)
{
Console.WriteLine(ex);
throw;
}
}
}
// In the restricted AppDomain
class Stub : MarshalByRefObject
{
}
尝试通过Activator.CreateInstanceFrom
而不是AppDomain.createInstanceFromandWrap
创建存根句柄。权限验证各不相同,使用Activator
方法还应允许您避免将额外权限(除了SecurityPermission\Execution
)添加到沙盒应用程序域。e、 g:
var currentAssembly=System.Reflection.Assembly.getExecutionGassembly();
var permissionSet=新的permissionSet(PermissionState.None);
AddPermission(新的SecurityPermission(SecurityPermissionFlag.Execution));
var appDomain=appDomain.CreateDomain(
“沙盒”,
无效的
新AppDomainSetup{ApplicationBase=CreateFakePath()},
许可证集,
currentAssembly.Evidence.GetHostEvidence());
var stub=(stub)Activator.CreateInstanceFrom(appDomain,currentAssembly.Location,typeof(stub.FullName).Unwrap();
var hostStub=新的hostStub();
stub.RequestTime(hostStub);
您能提供完整的示例代码来重现问题吗?@NicoleCalinoiu-补充道。荒谬!我也用过这种方法,但我猜不是正确的组合。当我发现一篇文章解释AppDomain.Create。。。只需调用激活器。创建。。。方法。谢谢还有一个附加组件,所以我不必重复所有这些背景。。。当我调用host.SayTime(DateTimeOffset.Now)时在存根中,它对主机调用自身的对象抛出TypeLoadException
“重写成员时违反了继承安全规则…”。即使我用[SecuritySafeCritical]
或[SecuritySafe]'用[assembly:AllowPartiallyTrustedCallers]``(我在四处游荡)装饰主机或其方法,下一个调用也会检查调用堆栈。1) 如果新AppDomain中的程序集是完全受信任的,为什么此检查仍会失败?2) 我如何允许呼叫?也就是说,我需要做些什么才能从托管方呼叫到托管方?托管方是否需要从部分受信任或透明的代码中开票?如果不是,将其保留为SecurityCritical(默认)而不使用APTCA应该可以正常工作。如果这对您不起作用,请您提供示例代码,因为我无法重新处理该问题。主机不受信任,但它实现了一个接口,可能会调用主机的某些方法(这反过来涉及需要完全信任的WCF)。通过删除APTCA
并将[PermissionSet(SecurityAction.Assert,Unrestricted=true)]
添加到IHostHub实现方法中,使其正常工作。谢谢
class Program
{
static void Main(string[] args)
{
var currentAssembly = System.Reflection.Assembly.GetExecutingAssembly();
var permissionSet = new PermissionSet(PermissionState.None);
permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery, currentAssembly.Location));
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SerializationFormatter));
permissionSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));
string path;
do
{
path = Path.GetTempPath() + Path.GetFileNameWithoutExtension(Path.GetRandomFileName());
} while (Directory.Exists(path));
var appDomain = AppDomain.CreateDomain(
"Sandboxed",
null,
new AppDomainSetup
{
ApplicationBase = path
},
permissionSet,
Assembly.GetExecutingAssembly().Evidence.GetHostEvidence<StrongName>());
try
{
var stub = (Stub)appDomain.CreateInstanceFromAndUnwrap(
currentAssembly.Location,
typeof(Stub).FullName);
}
catch (SecurityException ex)
{
Console.WriteLine(ex);
throw;
}
}
}
class Stub : MarshalByRefObject
{
static Stub()
{
AppDomain.CurrentDomain.AssemblyResolve += AssemblyResolve;
}
public static Assembly AssemblyResolve(object sender, ResolveEventArgs e)
{
if (e.Name == Assembly.GetExecutingAssembly().FullName)
return Assembly.GetExecutingAssembly();
else
Console.WriteLine("Unable to load {0}", e.Name);
return null;
}
}
var currentAssembly = System.Reflection.Assembly.GetExecutingAssembly();
var permissionSet = new PermissionSet(PermissionState.None);
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
var appDomain = AppDomain.CreateDomain(
"Sandboxed",
null,
new AppDomainSetup { ApplicationBase = CreateFakePath() },
permissionSet,
currentAssembly.Evidence.GetHostEvidence<StrongName>());
var stub = (Stub)Activator.CreateInstanceFrom(appDomain, currentAssembly.Location, typeof(Stub).FullName).Unwrap();
var hostStub = new HostStub();
stub.RequestTime(hostStub);