在“沙盒环境”中从.Net应用程序加载程序集 [英] Loading Assemblies from a .Net Application in a 'Sandbox Environment'

问题描述

我正在目前正在开发应用程序中，用户将动态选择dll，而应用程序将执行该dll中的某些方法。 （如果您点击第一个链接，将会看到我正在开发一种 Robocode 游戏

I am currently developing an application in where a user will dynamically choose dlls and the application will execute some of the methods in that dll. (if you follow the first link, you will see that I am developing a sort of Robocode game application using the .Net Framework).

例如，当战斗开始时，运行

For example, when the battle starts, the run method from the dll is executed.

由于将执行run方法中指定的内容，因此必须应用很多安全约束。

Since whatever was specified in the run method will be executed, there are quite a bit of Security Constraints that have to be applied.

例如，如果对dll进行了编程的用户，而不是仅使用界面上适用的方法（机器人用于行走和射击的方法等）。 。），调用将检索文件的方法，甚至可能从硬盘中删除文件...并且当另一个用户将该dll加载到他的计算机中时，这些方法将在他的PC上被调用，并且他的文件将被此恶意代码修改

Like for example, if the user who programmed the dll, instead of using only the methods that are applicable from the interface (methods that the robot uses to walk and fire etc...), invokes methods that will retrieve files and maybe even delete files from the hard disk...and when another user loads that dll into his computer, those methods will be invoked on his pc and his files will be modified by this malicious code.

因此，我需要以某种方式使该应用程序从 Sandboxed Environment （沙盒环境），以便无论调用哪种方法，都不会影响打开dll的计算机的硬盘。

Thus, I need to somehow make this application run from a sort of Sandboxed Environment so that whatever methods are invoked, it will not affect the hard disk of the computer that the dll is opened on.

关于我应该如何开始呢？

Any ideas on how I should start in doing this ?

这里是一个有关如何加载这些dll并调用它们的方法的示例：

Here is an example on how I am loading these dlls and invoking their methods:

for (int i = 0; i < robotList.Count; i++)
{
    IRunnable o = robotList[i];
    new Thread(delegate()
    {
        o.run();    
    }).Start();
}

推荐答案

通常，您可能只是活着

AppDomain newDomain = AppDomain.CreateDomain(name);
Assembly asm = newDomain.Load(System.IO.File.ReadAllBytes(name));

但有趣的一点是，AppDomain.Load方法会将程序集加载到新的应用程序域， 以及当前域。

But one interesting point is, the AppDomain.Load method will load the assembly to the new app domain, as well as to the current domain.

更优雅的解决方案是在3.5中使用System.AddIn命名空间。 - http://msdn.microsoft.com/en-us/magazine/cc163476。 aspx

A more elegant solution is to use System.AddIn namespace in 3.5. - http://msdn.microsoft.com/en-us/magazine/cc163476.aspx

然后，您实际上可以使用AddinSecurityLevel来指定插件的信任级别，例如

Then, you can actually specify the trust level for your addin, using the AddinSecurityLevel like

//Activate the selected AddInToken in a new
//application domain with the Internet trust level.
Calculator CalcAddIn = selectedToken.Activate<Calculator>(AddInSecurityLevel.Internet);

请参见 http://msdn.microsoft.com/en-us/library/bb355219.aspx 了解详情。

这篇关于在“沙盒环境”中从.Net应用程序加载程序集的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！