.NET/安全性:限制运行时加载的程序集访问某些API [英] .NET/Security: Limiting runtime-loaded assemblies from accessing certain APIs

问题描述

在Shell应用程序中，我需要能够在运行时加载和执行其他.NET程序集，但又不能完全信任它们.本质上，我想限制它们(加载的程序集)不接触任何系统资源(线程，网络等)，唯一的例外是隔离存储.但是，来自我"的程序集需要完全信任地执行.

In a shell application, I need to be able to load and execute other .NET assemblies at runtime, but without giving them full trust. Essentially, I want to limit them (the loaded assemblies) from touching any system resources (threading, networking, etc), with the only exception being isolated storage. However, assemblies which are from "me" need to be executed with full trust.

我一直在考虑代码访问安全性，但是我不确定它是否应该使用.

I've been considering Code Access Security, but I'm not quite sure it's what I should use.

您将如何处理?

推荐答案

CAS在这里几乎就是您所需要的.更具体地说，您想在其自己的应用程序域中加载程序集:

CAS is pretty much what you need here. More specifically, you want to load the assembly in its own Application Domain:

var myEvidence = new Evidence(new object[] {SecurityZone.Internet});
var newDomain = AppDomain.CreateDomain("InternetDomain");
myDomain.Load("MyUntrustedAssembly.dll", myEvidence);
myDomain.CreateInstanceAndUnwrap("MyUntrustedAssembly","MyUntrustedObjectType");

//do your work with the untrusted assembly/type

AppDomain.Unload(myDomain);

阅读应用程序域"，各个区域以及分配给它们的默认权限集. Internet是系统定义的区域/权限集中限制性最强的区域，在该区域中，程序集仍然可以实际执行(还有限制区域"；进入该区域的程序集无法运行).您可以使用.NET配置工具创建权限集，并定义代码必须满足的条件(证据)才能被授予权限集.

Read up on Application Domains, the various zones, and the default permission sets assigned to them. Internet is the most restrictive of the system-defined zones/permission sets available in which assemblies can still actually execute (there's also the Restricted zone; assemblies falling into this zone cannot run). You can use the .NET Configuration tool to create permission sets and define the conditions (evidence) that code must satisfy to be granted the permission set.

这篇关于.NET/安全性:限制运行时加载的程序集访问某些API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！