加载具有较低权限的程序集
加载程序集、从中实例化类的最简单方法是什么,但以程序集具有有限权限(沙盒)的方式执行此操作?该代码不应能够通过网络进行通信、写入文件系统或执行进程。
更新 我刚刚偶然发现了 Assembly.LoadFrom(string assemblyFile, Evidence securityEvidence) 这个可以用吗?我不确定这个证据的情况。
What is the easiest way to load up an assembly, instantiate a class from it, but do so in a way that the assembly has limited privileges (sandboxed)? The code should not be able to communicate across the network, write to the file system, or execute processes.
UPDATE
I just stumbled upon Assembly.LoadFrom(string assemblyFile, Evidence securityEvidence)
Can this be used at all? Not sure I under this evidence thing.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您需要将其加载到其自己的 AppDomain 中。
这是一篇描述整个过程的文章。
You need to load it in its own AppDomain.
Here is an article describing the entire process.
另一种选择(但不是 100% 可靠)是依赖调用堆栈上的 CAS 拒绝令牌。
据推测,加载的类上的第一个初始方法将由您控制下的代码调用,然后您可以使用“拒绝”安全操作来阻止该方法访问 .NET 框架的某些部分。
代码大致如下:
建议的解决方案有一些警告,它假设您没有使用 Silverlight,并且如果程序集是使用特制的 CIL 程序集编写的,则存在潜在的安全风险。
获得的好处是您可以避免使用单独的 AppDomain 以及涉及多个 AppDomain 的编组问题。
Another option, but not 100% reliable, would be to on rely CAS deny tokens on the call stack.
Presumably the first initial method on the loaded class would invoked by code under your control, you could then use a Deny security action to prevent the method from accessing certain parts of the .NET framework.
the code would be something along these lines:
The suggested solution has a few caveats, it assumes that you are not using Silverlight and there is a potential security risk, if the assembly was written using specially crafted CIL assembly.
The benefit gained is that you can avoid using separate AppDomains and the marshalling issues involved with multiple AppDomains.