Menu
I have a c# evaluator which uses the (I think) the .Net 4 new simplified sandboxed appdomain model to host the c# assembly, with remoting doing the rest. The call to create the appdomain is
Evidence ev = new Evidence();
ev.AddHostEvidence(new Zone(SecurityZone.Trusted));
PermissionSet pset = SecurityManager.GetStandardSandbox(ev);
AppDomainSetup ads = new AppDomainSetup();
ads.ApplicationBase = "C:\\Sandbox";
// Create the sandboxed domain.
AppDomain sandbox = AppDomain.CreateDomain(
"Sandboxed Domain",
ev,
ads,
pset,
null);
The c# eval is embedded in a server app, but I don't want give the sandbox to much control unless it bo bo's the caller. What i'm looking for is regarding some clarification as to what to provide as Evidence from the caller. I'm looking for advice and guidance.
Any help would be appreciated.
326
You can either use the 'Internet' permission set or the 'Execution' permission set, both have limited permissions as they are deemed unsafe.
156
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
