为 C# 评估者提供沙盒应用程序域的最佳证据
我有 ac# evaluator,它使用(我认为).Net 4 新的简化沙盒 appdomain 模型来托管 c# 程序集,并通过远程处理完成其余的工作。创建应用程序域的调用是
Evidence ev = new Evidence();
ev.AddHostEvidence(new Zone(SecurityZone.Trusted));
PermissionSet pset = SecurityManager.GetStandardSandbox(ev);
AppDomainSetup ads = new AppDomainSetup();
ads.ApplicationBase = "C:\\Sandbox";
// Create the sandboxed domain.
AppDomain sandbox = AppDomain.CreateDomain(
"Sandboxed Domain",
ev,
ads,
pset,
null);
c# eval 嵌入在服务器应用程序中,但我不想给沙箱太多控制权,除非它是调用者。我正在寻找的是有关来电者提供什么证据的一些澄清。我正在寻求建议和指导。
任何帮助将不胜感激。
I have a c# evaluator which uses the (I think) the .Net 4 new simplified sandboxed appdomain model to host the c# assembly, with remoting doing the rest. The call to create the appdomain is
Evidence ev = new Evidence();
ev.AddHostEvidence(new Zone(SecurityZone.Trusted));
PermissionSet pset = SecurityManager.GetStandardSandbox(ev);
AppDomainSetup ads = new AppDomainSetup();
ads.ApplicationBase = "C:\\Sandbox";
// Create the sandboxed domain.
AppDomain sandbox = AppDomain.CreateDomain(
"Sandboxed Domain",
ev,
ads,
pset,
null);
The c# eval is embedded in a server app, but I don't want give the sandbox to much control unless it bo bo's the caller. What i'm looking for is regarding some clarification as to what to provide as Evidence from the caller. I'm looking for advice and guidance.
Any help would be appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以使用“Internet”权限集或“执行”权限集,两者都具有有限的权限,因为它们被认为是不安全的。
You can either use the 'Internet' permission set or the 'Execution' permission set, both have limited permissions as they are deemed unsafe.