Loading An Assembly Into An Application Domain With Lower Security

StackOverflow https://stackoverflow.com/questions/9084795

  •  06-12-2019
  •  | 
  •  

Question

I'm trying to create a Sandbox App Domain that has read only access to the file system. The code I have written to do this is 

    var ps = new PermissionSet(PermissionState.None);
    ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
    var f = new FileIOPermission(PermissionState.None);
    f.AllLocalFiles = FileIOPermissionAccess.Read;
    ps.AddPermission(f);

    AppDomain domain = AppDomain.CreateDomain("MyDomain",
        null,
        new AppDomainSetup { ApplicationBase = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location) },
        ps                
        );
    string pathToDll = @"c:\temp\test.dll";
    string thirdPartyFullName = "MyTest.Test";
    IPlugin myObject = (IPlugin)domain.CreateInstanceFromAndUnwrap(pathToDll, thirdPartyFullName);

It almost works except it errors on the last line with this exception

Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

If I change the FileIOPermission on the App Domain to have full access it runs fine. Is there something I need to change in Assembly I'm loading into the Application Domain to say it only needs read access to the file system?

I'm using .Net 4.0.

Was it helpful?

Solution

I think you probably also need 

FileIOPermissionAccess.PathDiscovery

http://msdn.microsoft.com/en-us/library/y7h7t2a2.aspx

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top