Late binding instantiation inside of sandboxed appdomain


Question

Hi!

In my scenario some 3-rd party class should be instantiated inside of a sandboxed application domain (via Activator.CreateInstance). But it is not possible because CreateInstanceMethod throws SecurityException. It requires full trust to instantiate a new instance of the 3-rd party class (PermissionState with Unrestricted=true in the Demanded property of SecurityException).

My application has the following architecture:

  1. Application executes in full trust context;
  2. Application creates a new sandboxed application domain;
  3. An assembly with 3-rd party class loads to sandboxed application domain;
  4. Default application domain invokes instantiation logic through remoting boundaries;
  5. A hook code that is used to instantiate the 3-rd party class is fully trusted (because its assembly is defined in the full trust list of the AppDomain.CreateDomain method).
  6. The hook code attempts to instantiate 3-rd party class and fails with SecurityException: "Request failed";

Call stack:

at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck)
   at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache)
   at System.RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean skipCheckThis, Boolean fillCache)
   at System.Activator.CreateInstance(Type type, Boolean nonPublic)
   at System.Activator.CreateInstance(Type type)

This issue can be fixed if I decorate my instantiation method with [PermissionSet(SecurityAction.Assert, Unrestricted = true)]. But in this case, all code inside of 3-rd party constructor is unrestricted.

P.S.: Third party class doesn't derive from MarshalByRefObject.

Thanks!

Recommended answer

Which .NET Framework are you using, 2.0 or 4.0? The SecurityException exception is supposed to contain more information than a call stack; could you post the whole exception message here?

The Activator.CreateInstance method is SecurityCritical and can be called only by full-trust code. You can use Reflection to get the constructor of the 3rd party class, and invoke its constructor directly.
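The architecture from the question combined with the answer's suggestion, as an added sketch that is not the poster's or the answerer's code. It assumes .NET Framework 4 and a strong-name signed hook assembly; `InstantiationHook` and the type name `ThirdParty.Widget, ThirdParty` are hypothetical placeholders.

```csharp
using System;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;

// Hook (hypothetical name): lives in the strong-named assembly that is
// passed in the full-trust list of AppDomain.CreateDomain.
public sealed class InstantiationHook : MarshalByRefObject
{
    // The 3rd-party type is not MarshalByRefObject, so the instance
    // stays inside the sandbox and only a string crosses the boundary.
    private object instance;

    public string Create(string assemblyQualifiedTypeName)
    {
        Type type = Type.GetType(assemblyQualifiedTypeName, true);
        ConstructorInfo ctor = type.GetConstructor(Type.EmptyTypes);
        if (ctor == null)
            throw new MissingMethodException(type.FullName, ".ctor");
        // No Assert here: demands made inside the constructor are still
        // checked against the sandbox grant set of the 3rd-party assembly.
        // Constructor failures surface as TargetInvocationException.
        instance = ctor.Invoke(null);
        return instance.GetType().FullName;
    }
}

public static class Program
{
    public static void Main()
    {
        // Sandbox grant set: execution only.
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
        Assembly hookAsm = typeof(InstantiationHook).Assembly;
        // Null if the hook assembly is not strong-name signed.
        StrongName fullTrust = hookAsm.Evidence.GetHostEvidence<StrongName>();
        AppDomain sandbox = AppDomain.CreateDomain("Sandbox", null, setup, grant, fullTrust);
        try
        {
            var hook = (InstantiationHook)Activator.CreateInstanceFrom(
                sandbox, hookAsm.ManifestModule.FullyQualifiedName,
                typeof(InstantiationHook).FullName).Unwrap();
            Console.WriteLine(hook.Create("ThirdParty.Widget, ThirdParty")); // placeholder type
        }
        finally { AppDomain.Unload(sandbox); }
    }
}
```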
