Hello,

I'm trying to use C# as a script language for my .NET application.
Users able to write a method (say, Foo(Myclass parameter))
Then in run time I'm wrapping this method into namespace code, compile into
assembly signed with special key and execute.

Here is a problem - I'd like to apply some restrictions on user's code.
I.e. "Internet" set of permissions.

But it doesn't work. When I create code group for this special key, any
permission set besides "Full trust" gives me
"Security error". Even "Everything" set. I have "This policy level"
checkbox in Code Group properties dialog checked (if it not checked then
compiled assembly got all permissions from main application)
So, is it possible at all? Am I doing something wrong or may be just don't
understand something about security model?

Please, help!

Here is code snippet

CodeDomProvider provider = new CSharpCodeProvider();
ICodeCompiler compiler = provider.CreateCompiler();
CompilerParameters compilerParams = new CompilerParameters();
compilerParams.GenerateInMemory = false;
compilerParams.ReferencedAssemblies.Add("System.dl l");

compilerParams.ReferencedAssemblies.Add(Path.Combi ne(Application.StartupPath
, "MyCompany.MyFramework.dll"));

string code = "[assembly: AssemblyKeyName(\"MyKey\")]";
code += myNamespaceAndMethodText;

CompilerResults results =
compiler.CompileAssemblyFromSource(compilerParams, code);
object o = results.CompiledAssembly.CreateInstance("MyClass", true);

//this is where Security exception throws:
object retVal = o.GetType().InvokeMember("Foo", new object[]
{myClassInstance});


regards,
Ken

Hi Ken,

This sounds to me like you might be running into APTCA. Is the exception
occuring when the newly compiled code calls back into code that you've
provided with your application? Check out:
http://blogs.msdn.com/shawnfa/archiv...04/367390.aspx for more
information about APTCA.

Also, you didn't say in your post, but if you really want to be secure
about things, you should be loading the assemblies you compile into a
seperate AppDomain which also has Internet evidence applied, in order to
isolate them from the rest of yoru system.

-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.


Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
3.phx.gbl

Hello,

I'm not very proficient on this topic, but I believe you should load the
newly created type into another app domain and execute it there.

The new app domain can be initialized with a custom set of evidence.

Greetings,
Henning Krause [MVP]
==========================
Visit my website: http://www.infinitec.de
Try my free Exchange Explorer: Mistaya
(http://www.infinitec.de/software/mistaya.aspx)


"JFN" <andre (AT) ipmouse (DOT) com> wrote

""Shawn Farkas [MS]"" <shawnfa (AT) online (DOT) microsoft.com> wrote


Thank you, this is may be it. I'll try at Monday

I havn't done that before. Any code snippets? Also, how would it work with
objects from main AppDomain?
I need to pass quite a bit information to those compiled methods.

regards,
Ken

You'd need to make the objects that interface between the AppDomains derive
from MarshalByRefObject. Here's some information that shows how to setup a
sandboxed domain:
http://blogs.msdn.com/shawnfa/archiv...25/247379.aspx


-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.


Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
8.phx.gbl!TK2MSFTNGP10.phx.gbl

""Shawn Farkas [MS]"" <shawnfa (AT) online (DOT) microsoft.com> wrote

I have figured out part of puzzle today - was able to create domain,
compile signed assembly on fly,
add "AllowPartiallyTrustedCallers" attribute to my main assemblies, and pass
my objects as parameters.
And permission set for my public key that I set up in .NET security applied.
Thank you for help.

One more thing I run into while trying to make production code out of test
rig.
I cannot load this new temporary assembly to new AppDomain from temp folder.

I.e. when I use output name for temp assembly in my bin folder, everything
works

CompilerParameters compilerParams = new CompilerParameters();
compilerParams.ReferencedAssemblies.Add(Path.Combi ne(Application.StartupPath
, "MyCompany.MyFramework.dll"));
compilerParams.OutputAssembly = Path.Combine(Application.StartupPath,
"foo.dll"));

macroDomain.CreateInstanceFromAndUnwrap(compilerPa rams.OutputAssembly,
"MyClass.Bar");

For many reasons, I don't want to write into application folder. So, I need
to use temp one.

compilerParams.OutputAssembly = Application.GetTempFileName();
//Yes, I know it does using temp file by default, just want to make sample
clear.

Then when I'm trying to load it, I keep getting "cannot find assembly or
referenced assembly" error
(remember, compiled on the fly assembly references 2 assemblies from my
application folder)
I have created AppDomain using AppDomainSetup class, with different
combinations of ApplicationBase, PrivetBinPath
pointed to my application and temp folders, even tried to load referenced
assemblies to new domain manually, but
nothing works.
Any ideas?

regards,
Ken

Sure do :-) The directory you want to put the generated assemblies in
needs to be located under the directory your application is executing in
(or more precisely the AppBase directory). I recommend reading Suzanne
Cook's blog for information about the loader
(http://blogs.msdn.com/suzcook). Specifically
http://blogs.msdn.com/suzcook/archiv.../29/57120.aspx for help
debugging load failures.

-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.


Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
<eO#OcrEHFHA.3156 (AT) TK2MSFTNGP10 (DOT) phx.gbl>
<K2Tk8HeHFHA.3888 (AT) TK2MSFTNGXA02 (DOT) phx.gbl>
8.phx.gbl!TK2MSFTNGP10.phx.gbl

Hey, too bad I only read your answer tonight.
Spend ~4 hours today trying to figure it out WTF is going on. I have found
her blog and this particular entry,
which helped me finally understood that is it my main domain couldn't find
new assembly, not a new one,
after that rest was piece of cake.
Anyway, thanks a lot for the hints,

regards,
Ken

""Shawn Farkas [MS]"" <shawnfa (AT) online (DOT) microsoft.com> wrote

Glad to help out. Figuring out those loader issues can be a pain the
first time around, but once you get a hang of things they all follow a
pretty basic set of rules.

-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.


Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
<eO#OcrEHFHA.3156 (AT) TK2MSFTNGP10 (DOT) phx.gbl>
<K2Tk8HeHFHA.3888 (AT) TK2MSFTNGXA02 (DOT) phx.gbl>
<##X8LYhHFHA.1396 (AT) TK2MSFTNGP10 (DOT) phx.gbl>
<6n0x8#rHFHA.1140 (AT) TK2MSFTNGXA02 (DOT) phx.gbl>
0.phx.gbl