Looking for minimum permissions to load an assembly in a sandbox AppDomain. Why are these permissions needed?

StackOverflow https://stackoverflow.com/questions/7013557

Question

I'm trying to put in place the minimum permissions for a sandbox AppDomain in order to load an assembly. It seems that it is mandatory to have PathDiscovery permission on the appBase and Read permission on the loaded assembly, but no permission is required on the dependent assemblies. My questions are: Why do we need PathDiscovery? Isn't read access enough on each needed assembly? Why does only the loaded assembly need Read permission and not the dependent ones?

Here is a code snippet to give some context:

using System;
using System.Security;
using System.Security.Permissions;

// binFolder: absolute path of the directory used as the sandbox's ApplicationBase.
// assemblyPath: absolute path of the assembly to load into the sandbox.
// typeName: full name of a MarshalByRefObject (or serializable) type in that assembly.
static object CreateInSandbox(string binFolder, string assemblyPath, string typeName)
{
    AppDomainSetup setup = new AppDomainSetup
    {
        ApplicationName = "Name",
        ApplicationBase = binFolder,
    };

    // Start from an empty grant set and add only what the sandbox needs.
    PermissionSet permissionSet = new PermissionSet(PermissionState.None);
    permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));

    // Mandatory. Why is PathDiscovery needed?
    permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.PathDiscovery, binFolder));

    // Mandatory. Why is Read not also needed for all dependent assemblies?
    permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, assemblyPath));

    // The permission set becomes the grant set of every assembly loaded into the domain.
    var domain = AppDomain.CreateDomain("Domain Name", null, setup, permissionSet);

    return domain.CreateInstanceFromAndUnwrap(assemblyPath, typeName);
}

Solution

Why do we need PathDiscovery?

Because successfully loading an assembly from a specified path would reveal that the path exists. Similarly, certain exceptions thrown from an attempt to load an assembly from a path would also reveal that the path is valid, even if the target file is not a .NET assembly.

Why does only the loaded assembly need Read permission and not the dependent ones?

Because the loaded assembly does not control the locations from which its dependencies are loaded, so simply being able to load a dependent assembly does not reveal information about the validity of a specific path. That said, it does reveal some information since the .NET assembly search locations are well known, so I suppose it could be argued that the check here should be a bit stronger. If you feel strongly about it, you could post a bug report at https://connect.microsoft.com/visualstudio/feedback.
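The following program is an added example, not code from the question or the answer. It makes the behaviour described above observable: it builds the same minimal grant set (Execution, plus PathDiscovery on the ApplicationBase and Read on the target assembly), then creates the sandbox four times with each of the two FileIOPermissions toggled on or off and reports whether the load succeeded or which demand failed. It assumes .NET Framework (Code Access Security and sandboxed AppDomains do not exist on .NET Core/.NET 5+), and it uses its own executable as the assembly to load and a hypothetical `Probe` type of its own as the MarshalByRefObject that is unwrapped across the domain boundary.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

// Hypothetical type that the sandbox instantiates; MarshalByRefObject so the
// proxy returned by CreateInstanceFromAndUnwrap can be called from the host domain.
public class Probe : MarshalByRefObject
{
    public string WhereAmI()
    {
        // Executes inside the sandbox domain under its restricted grant set.
        return AppDomain.CurrentDomain.FriendlyName;
    }
}

static class SandboxProbe
{
    // Builds the grant set from the post; the two FileIOPermissions are optional
    // so the caller can see which one each load attempt actually demands.
    static PermissionSet BuildGrantSet(string binFolder, string assemblyPath,
                                       bool grantPathDiscovery, bool grantRead)
    {
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        if (grantPathDiscovery)
            grant.AddPermission(new FileIOPermission(FileIOPermissionAccess.PathDiscovery, binFolder));
        if (grantRead)
            grant.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, assemblyPath));
        return grant;
    }

    // Creates a sandbox with the given grant set, tries to load the probe, and
    // returns a one-line verdict. SecurityException carries the failed demand.
    static string TryLoad(string binFolder, string assemblyPath, string typeName,
                          bool grantPathDiscovery, bool grantRead)
    {
        var setup = new AppDomainSetup { ApplicationName = "Sandbox", ApplicationBase = binFolder };
        PermissionSet grant = BuildGrantSet(binFolder, assemblyPath, grantPathDiscovery, grantRead);
        AppDomain domain = AppDomain.CreateDomain("Sandbox", null, setup, grant);
        try
        {
            var probe = (Probe)domain.CreateInstanceFromAndUnwrap(assemblyPath, typeName);
            return "OK, instance created in domain '" + probe.WhereAmI() + "'";
        }
        catch (SecurityException ex)
        {
            // Caught in the full-trust host domain, so the message is not redacted.
            return "SecurityException: " + ex.Message;
        }
        catch (Exception ex)
        {
            // e.g. FileNotFoundException / FileLoadException: the kind of exception
            // that, as the answer notes, still leaks whether the path is valid.
            return ex.GetType().Name + ": " + ex.Message;
        }
        finally
        {
            AppDomain.Unload(domain);
        }
    }

    static void Main()
    {
        // Use this very executable as the sandboxed assembly; both paths are absolute,
        // which FileIOPermission requires.
        string assemblyPath = typeof(Probe).Assembly.Location;
        string binFolder = Path.GetDirectoryName(assemblyPath);
        string typeName = typeof(Probe).FullName;

        bool[][] cases =
        {
            new[] { false, false }, new[] { true, false },
            new[] { false, true  }, new[] { true, true  },
        };
        foreach (bool[] c in cases)
        {
            Console.WriteLine("PathDiscovery={0,-5} Read={1,-5} -> {2}",
                c[0], c[1], TryLoad(binFolder, assemblyPath, typeName, c[0], c[1]));
        }
    }
}
```

Only the last case (both permissions granted) is expected to produce an instance; the other three show which demand the loader raises first, which is the practical way to discover a least-privilege grant set rather than starting from FullTrust and removing permissions.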

Licensed under: CC-BY-SA with attribution