Menu
I am developing an application in C# which is able to load dlls dynamically. These dlls are representing my "apps". I want to limit these apps in their permissions. For example (one of my main problems) prevent the access to the disc. Because my apps are using functionalities and instances of my main app domain, I don't want them to run in a seperate, sandboxed appdomain.
Is this possible anyway?
923
Since you mentioned Disk access, consider using .Net's Code Access Security, which was designed for this purpose.
Defines permissions and permission sets that represent the right to access various system resources.
Without replicating the documentation, let me just say that your application's code may call into the plugin's code, but restrict it from doing specific things like starting new threads or accessing a disk.
Here are some of the resources you can restrict access to:
77
I'm certainly not sure how to implement it all, but it looks like the interface IPermission may be required, I located another answer here on SO that may be helpful.
Implementing IPermission for custom code access security
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
