我有工作的 .NET 2.0 插件,它采用外部应用程序创建的 AppDomain,并使用 AppDomain.SetAppDomainPolicy() 方法应用用户定义的安全策略 (PolicyLevel)。但是,此方法在 .NET 4.0 中已过时,并且在运行时失败。这是示例代码:
AppDomain domain = ExternalApplication.GetAppDomain(); //This call is from external program which I can’t change.
PolicyLevel pl = GetUserDefinedPolicyLevel()
领域。 SetAppDomainPolicy(pl); //这在 .NET 4.0 中失败
我看到 4.0 示例通过使用以下调用设置 AppDomain 安全性:
AppDomain.CreateDomain( stringFriendlyName, Evidence securityInfo, AppDomainSetup info, PermissionSet grantSet, params StrongName[] fullTrustAssemblies);
但是,当 AppDomain 已创建时,将使用此 API。在我的情况下,插件必须使用现有的应用程序域。
我发现的另一个解决方案是使用 .config 文件并添加
元素来强制执行旧版 AppDomain 安全性。在我的情况下,这也不是一个选项,因为我有一个应用程序插件,并且无法添加 .config 文件。
在 .NET 4.0 中创建 AppDomain 后,有没有办法在运行时更改 AppDomain 安全性?
我希望这应该是可能的,因为否则 4.0 看起来会删除在运行时加强安全性的能力。
谢谢
I have working .NET 2.0 addin that takes an AppDomain created by an external application and applies user-defined security policy (PolicyLevel) by using AppDomain.SetAppDomainPolicy() method. However, this method is obsolete in .NET 4.0 and fails at runtime. Here is a sample code:
AppDomain domain = ExternalApplication.GetAppDomain(); //This call is from external program which I can’t change.
PolicyLevel pl = GetUserDefinedPolicyLevel()
domain. SetAppDomainPolicy(pl); //This fails in .NET 4.0
I saw 4.0 example setting AppDomain security by using following call:
AppDomain.CreateDomain( string friendlyName, Evidence securityInfo, AppDomainSetup info, PermissionSet grantSet, params StrongName[] fullTrustAssemblies);
However, this API is used when an AppDomain is already created. In my situation the addin has to use existing AppDomains.
Another solution I found was to use .config files and add <NetFx40_LegacySecurityPolicy enabled="true" />
element to enforce legacy AppDomain security. This is also not an option in my case since I have an addin for applications and I can’t add .config files.
Is there a way to change AppDomain security at runtime after it has been created in .NET 4.0?
I hope that this should be possible, since otherwise it would look like 4.0 removed the ability to tighten security at run-time.
Thanks
发布评论