I'm writing a .net win app that loads foreign assemblies and executes third party scripts. I am looking for a way to sanitize the code executed by the foreign script, and only allow the third party scripts access to a defined set of websites. Creating a PermissionSet with its state set to none, and then adding the desired websites, and selecting "Permit only", would seem to do the trick, if it wasn't for the fact that the third party code can, under full trust, revert this by using Assert. Still I want the part of the code that I control myself to run under full trust, so I am looking for a way to restrict the trust level for a particular thread, or at a particular point in the stack, programmatically.
Any help would be much appreciated.
-
You can't do this on a thread level.
The appropriate way to have different trusts in a single application is by creating a separate AppDomain for the third party scripts to run under.
Chris Brumme wrote a good blog post regarding AppDomains for some background reading.
David Hedlund : looks like i have a lot of reading up to do. thanks for pointing me in the right direction.From Reed Copsey
0 comments:
Post a Comment