为C＃评估者提供沙箱应用程序域的最佳证据 [英] Best evidence to offer a sandboxed appdomain for a C# evaluator

问题描述

我有一个c＃评估器，它使用（我认为）.Net 4新的简化沙箱应用程序域模型来托管c＃程序集，远程处理剩下的。创建appdomain的调用是

I have a c# evaluator which uses the (I think) the .Net 4 new simplified sandboxed appdomain model to host the c# assembly, with remoting doing the rest. The call to create the appdomain is

        Evidence ev = new Evidence();
        ev.AddHostEvidence(new Zone(SecurityZone.Trusted));
        PermissionSet pset = SecurityManager.GetStandardSandbox(ev);

        AppDomainSetup ads = new AppDomainSetup();
        ads.ApplicationBase = "C:\\Sandbox";

        // Create the sandboxed domain.
        AppDomain sandbox = AppDomain.CreateDomain(
           "Sandboxed Domain",
           ev,
           ads,
           pset,
           null);

c＃eval嵌入在服务器应用程序中，但我不想让沙箱控制，除非它bo bo的调用者。我正在寻找的是关于一些澄清什么提供作为证据从调用者。我正在寻找建议和指导。

The c# eval is embedded in a server app, but I don't want give the sandbox to much control unless it bo bo's the caller. What i'm looking for is regarding some clarification as to what to provide as Evidence from the caller. I'm looking for advice and guidance.

任何帮助将不胜感激。

Any help would be appreciated.

推荐答案

您可以使用互联网权限集或执行权限集，认为不安全。

You can either use the 'Internet' permission set or the 'Execution' permission set, both have limited permissions as they are deemed unsafe.

这篇关于为C＃评估者提供沙箱应用程序域的最佳证据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！