C# 加载沙盒程序集 [英] C# Load Sandboxed Assembly
问题描述
好的,我有一个应用程序,我想为其他人编写应用程序将加载的模块添加支持.
Okay so, I have an application which I want to add support for other people to write modules that the application will load.
模块将是一个扩展我的模块类的类,用 .Net 编写.我需要知道如何在沙盒环境中加载这些 DLL,只允许它们在某些目录中读/写.
The modules would be a class extending my Module class, written in .Net. I need to know how to load these DLLs in a sandboxed environment, only allowing them to read/write in certain directories.
这可能吗?
推荐答案
是的,这是可能的.使用代码访问安全性和 .NET 沙箱.我建议您查看 CSScript 库(开源).这是一个提供 C# 脚本和动态编译成动态程序集的库.我在一个项目中使用了它,以允许最终用户编写 C# 脚本并执行它们,从而允许与我系统中的类进行交互.该项目要求他们无权访问 File IO 或 MessageBox (UI),因为用户脚本要在服务器上执行.CSSCript 使用 .NET 框架的元素来限制程序集可以访问的内容,如果调用这些禁止类型中的任何一个,您将收到异常.
Yes, this is possible. Using Code Access Security and the .NET Sandbox. I would advise you take a look at the CSScript library (open source). This is a library that provides C# scripting and on the fly compilation into dynamic assemblies. I have used this in a project to allow end-users to write C# scripts and execute them allowing interaction with classes in my system. The project required that they had no access to File IO or MessageBox (UI) as user scripts were to execute on a server. CSSCript used elements of the .NET framework to to limit what the assembly has access to and you will get an exception if any of these prohibited types are called.
所以,看看那个.一旦我找到更多关于如何它可能的细节,我将编辑我的答案,只是为了让你知道它可能!
So, take a look at that. I will edit my answer once I find out some more detail on how its possible, just to let you know it is possible!
好的找到了.这是我几年前与 CSScript 的作者的一次讨论:
Ok found it. Here is a discussion I had with the author of CSScript a few years ago:
我:
我正在开发一个应用程序,并希望让用户能够通过 UI 编写某些操作的脚本.CSScript 看起来非常适合这个.但是,我也希望允许用户执行此操作并在 Web 服务器上执行他们的脚本.现在这是一个安全噩梦,因为用户可以编写Directory.Delete(@"C:", true)"并擦除硬盘驱动器.那么是否可以限制用户可以从其脚本访问的程序集、命名空间甚至类,以便在安全沙箱中运行 CSScript?
I am developing an application and wish to expose the ability for users to script certain actions through the UI. CSScript looks very good for this. However I also wish to allow users to do this and execute their scripts on a web server. Now this is a security nightmare as users could write "Directory.Delete(@"C:", true)" and wipe the hard drive. So would it be possible to restrict the assemblies, namespaces or even classes that a user can access from their script, to sort of run the CSScript in a secure sandbox?
奥列格:
直接有吸引力的解决方案是使用 .NET Sandbox.它专为此类场景而设计.CLR 标准沙箱可用于使用 CS-Script 运行脚本的主机应用程序.这个想法是在加载可疑脚本之前初始化 CAS,其余的由 CLR 负责.如果您需要配置目录/文件权限,您可以使用 CAS 工具来完成.这种方式脚本是用户提供的例程的传输".CS-Script 是实现此类传输的便捷机制,但实际的安全问题由 .NET Sendoxing 解决,它具有全面的功能集,几乎涵盖所有可能的安全场景.通过 CS 脚本下载,您可以找到 Sendboxing 示例 (SamplesSandboxing),它演示了如何防止脚本进行文件 I/O 操作(例如创建文件).
The immediate attractive solution is to use .NET Sandbox. It is designed exactly for this sort of scenarios.The CLR standard sandboxing is available for the host application running scripts with CS-Script. The idea is that you initialise CAS before loading the suspicious script and the rest is a CLR responsibility. And if you need to configure directories/files permissions you do it with CAS tools. This way scripting is a "transportation" for the routine provided by your user. And CS-Script is a convenient mechanism for implementing such transport but the actual security concerns are addressed by .NET Sendoxing, which has comprehensive set of functionality to cover practically all possible security scenarios. With CS-script downloadables you can find the Sendboxing sample (SamplesSandboxing) which demonstrates how to prevent script from file I/O operations (e.g. create file).
因此,我相信您需要查看 .NET Sandbox 并将程序集加载到其中.我意识到这个示例特定于 C# 脚本,但我相信它适用于您的场景,因为上面的 CSScript 示例将向您展示一种实现沙箱和安全的方法.
So, from this I believe you need to look at .NET Sandbox and load the assemblies into that. I realise this example is specific to C# Scripting but I believe it is applicable to your scenario as CSScript examples above will show you a way to achieve sandboxing and security.
可以在此处找到有关如何将程序集加载到沙箱中的一些具体示例:
Some specific examples of how to load assemblies into a sandbox can be found here:
在我们讨论模块加载时,您是否听说过 Microsoft Prism?这为模块加载和依赖注入提供了一个很好的框架(通过 Unity 或 MEF),这在开发插件架构时非常有用.
While we're discussing module loading, have you heard of Microsoft Prism? This provides a good framework for module loading and dependency injection (via Unity or MEF) which could be very useful when developing a plugin architecture.
最好的问候,
这篇关于C# 加载沙盒程序集的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
