Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Limit assembly in its permissions in c#

I am developing an application in C# which is able to load dlls dynamically. These dlls are representing my "apps". I want to limit these apps in their permissions. For example (one of my main problems) prevent the access to the disc. Because my apps are using functionalities and instances of my main app domain, I don't want them to run in a seperate, sandboxed appdomain.

Is this possible anyway?

like image 923
Marco Klein Avatar asked Dec 21 '12 17:12

Marco Klein


2 Answers

Since you mentioned Disk access, consider using .Net's Code Access Security, which was designed for this purpose.

Defines permissions and permission sets that represent the right to access various system resources.

Without replicating the documentation, let me just say that your application's code may call into the plugin's code, but restrict it from doing specific things like starting new threads or accessing a disk.

Here are some of the resources you can restrict access to:

  • System.Security.Permissions.FileIOPermission
  • System.Security.Permissions.RegistryPermission
  • System.Security.Permissions.UIPermission
like image 77
agent-j Avatar answered Sep 30 '22 09:09

agent-j


I'm certainly not sure how to implement it all, but it looks like the interface IPermission may be required, I located another answer here on SO that may be helpful.

Implementing IPermission for custom code access security

like image 22
Matt Klinker Avatar answered Sep 30 '22 09:09

Matt Klinker