如何使用CAS在.NET 4中锁定我的MEF扩展？ [英] How can I use CAS in .NET 4 to lock down my MEF extensions?

问题描述

我在.NET 4中使用MEF可扩展的应用程序。我的主要应用程序有三个组件：主机，应用程序和合同。

I have an application in .NET 4 that uses MEF for extensibility. My main application has three assemblies: Host, Application and Contracts.

主机是引导魁梧的可执行文件创建容器并执行组成。

Host is the "boot-strapping" executable that creates the container and does the composition.

应用程序包含我的应用程序的逻辑，并为第三方更多的扩展点。

Application contains the logic of my application, and more extension points for 3rd parties.

合同包含了在扩展点使用的接口（以及一些辅助类）。

Contracts contains the interfaces (and some helper classes) that are used in the extension points.

因此​​，有人开发第三方应用程序必须包括引用合同，而不是应用程序。

Therefore, someone developing a 3rd party application has to include a reference to Contracts, but not to Application.

我在想，我的安全模型应该是这样的：

I'm thinking that my security model should look like this:

1. 主机和应用程序应 SecurityCritical
2. 合同应 SecuritySafeCritical
3. 所有第三方扩展应该是 SecurityTransparent

1. Host and Application should be SecurityCritical
2. Contracts should be SecuritySafeCritical
3. All 3rd party extensions should be SecurityTransparent

我觉得1.将默认支付。我知道，我可以实现2.与程序集属性。现在的问题是，我该如何执行规则3.？是否操作系统通过标记所有下载扩展为不信任自动做到这一点？是否有可能为下载的扩展组件成为完全受信任？

I think that 1. will be satisfied by default. I know that I can implement 2. with an assembly attribute. The question is, how do I enforce rule 3.? Does the operating system do this automatically by flagging all downloaded extensions as untrusted? Is it possible for a downloaded extension assembly to become fully trusted?

推荐答案

如果您的应用程序在完全信任运行，则默认情况下您的扩展，将运行在完全信任，并能够呼风唤雨。但是，无论什么样的安全属性对他们是。要限制哪些扩展可以做什么，你需要创建一个沙盒应用程序域。你会设置你的主机和应用程序在该应用程序域和所有其他code完全信任只会有权限授予它。

If your application is running in full trust, then by default your extensions will be running in full trust and be able to do anything they want. It won't matter what the security attributes on them are. To limit what extensions can do, you need to create a sandbox appdomain. You would set your Host and Application as fully trusted in that AppDomain and all other code would only have the permissions you grant it.

下面是关于这一主题的MSDN文章：如何：运行部分受信任的code在沙箱中

Here's an MSDN article on this topic: How to: Run Partially Trusted Code in a Sandbox

这篇关于如何使用CAS在.NET 4中锁定我的MEF扩展？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！