Sandboxing untrusted code in C#, Security Permissions seem not working
This is my code:
System.Security.PermissionSet PS = new System.Security.PermissionSet(PermissionState.None);
PS.AddPermission(new FileIOPermission(FileIOPermissionAccess.AllAccess,Path));
PS.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
AppDomainSetup ADS = new AppDomainSetup();
ADS.ApplicationBase= Path;
AppDomain domain = AppDomain.CreateDomain("Pluging", null, ADS, PS, null);
Assembly asm = Assembly.LoadFrom(Path + "MacroBase.dll");
domain.Load(asm.FullName);
MacroBase.MacroBase em = (MacroBase.MacroBase)domain.CreateInstanceAndUnwrap(asm.FullName, "MacroBase.MacroBase");
em.Application(1);
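The Path parameter holds the address of the folder containing the dll. Right now it is
"D:\Programming Projects\Server3\Macros\c7b465b2-8314-4c7e-be3c-10c0185b4ac6"
A copy of macrobase.dll is in that Guid folder. The AppDomain loads this dll and runs the method Application.
Since FileIOPermissionAccess was applied at the start, I expected the last line to be unable to access c:\, but the method mentioned: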
MacroBase.Application(int i)
{
    System.IO.File.ReadAllBytes(@"c:\test1_V.103.xls");
}
runs as if it were completely unrestricted.
Based on this Microsoft article:
How to: Run Partially Trusted Code in a Sandbox
I also tried the following form, but with no better result (it can access c:):
System.Security.PermissionSet PS = new System.Security.PermissionSet(PermissionState.None);
PS.AddPermission(new FileIOPermission(FileIOPermissionAccess.AllAccess,Path));
PS.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
AppDomainSetup ADS = new AppDomainSetup();
ADS.ApplicationBase= Path;
AppDomain domain = AppDomain.CreateDomain("Pluging", null, ADS, PS, null);
Assembly asm = Assembly.LoadFrom(Path + "MacroBase.dll");
domain.Load(asm.FullName);
System.Runtime.Remoting.ObjectHandle handle = Activator.CreateInstanceFrom(domain, Path + "MacroBase.dll", "MacroBase.MacroBase");
MacroBase.MacroBase m = (MacroBase.MacroBase)handle.Unwrap();
m.Application(1);
MacroBase.Macrobase is a placeholder for future macros. It is placed in a dll named macrobase.dll. Right now it only contains some pseudocode:
using System;
using System.Collections.Generic;

namespace MacroBase
{
    [Serializable]
    public class MacroBase
    {
        public void Application(int i)
        {
            List<int> i1 = new System.Collections.Generic.List<int>() { 1, 2, 3, 4 };
            // Path outside the folder granted by the FileIOPermission
            System.IO.File.ReadAllBytes(@"c:\test1_V.103.xls");
            switch (i)
            {
                case 0:
                    break;
                case 1:
                    break;
                default:
                    break;
            }
        }
    }
}
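Your class is marked [Serializable] and does not derive from MarshalByRefObject, which means that when an instance crosses an application domain boundary, it is serialized rather than deserialized in the target domain. As a result, your code executes in your current domain and not in the separate domain. You should derive the MacroBase.Macrobase class from MarshalByRefObject so that the code executes in the separate domain.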
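The difference the answer describes, as an added example that is not code from the question or the answer: it creates the same kind of restricted AppDomain, then compares a by-value ([Serializable]) type with a MarshalByRefObject type and checks whether the host holds a transparent proxy before trusting the sandbox. It assumes .NET Framework and a single console executable; ByValueMacro, ByRefMacro, SandboxDemo, their methods and the temp-file path are hypothetical names and constructed values.

```csharp
using System;
using System.IO;
using System.Runtime.Remoting;
using System.Security;
using System.Security.Permissions;

// Hypothetical stand-in for the question's class: copied by value into the caller's domain.
[Serializable]
public class ByValueMacro
{
    public string Where() { return AppDomain.CurrentDomain.FriendlyName; }
}

// Hypothetical fixed form: stays in the sandbox domain, the host only gets a proxy.
public class ByRefMacro : MarshalByRefObject
{
    public string Where() { return AppDomain.CurrentDomain.FriendlyName; }
    public int ReadOutside(string path) { return File.ReadAllBytes(path).Length; }
}

public static class SandboxDemo
{
    public static void Main()
    {
        string baseDir = AppDomain.CurrentDomain.BaseDirectory;
        var ps = new PermissionSet(PermissionState.None);
        ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        ps.AddPermission(new FileIOPermission(FileIOPermissionAccess.AllAccess, baseDir));
        var setup = new AppDomainSetup { ApplicationBase = baseDir };
        AppDomain sandbox = AppDomain.CreateDomain("Sandbox", null, setup, ps);

        string asm = typeof(ByRefMacro).Assembly.FullName;
        var byValue = (ByValueMacro)sandbox.CreateInstanceAndUnwrap(asm, typeof(ByValueMacro).FullName);
        var byRef = (ByRefMacro)sandbox.CreateInstanceAndUnwrap(asm, typeof(ByRefMacro).FullName);

        // Only a transparent proxy means calls are dispatched into the sandbox domain.
        Console.WriteLine("by value: proxy={0}, runs in {1}", RemotingServices.IsTransparentProxy(byValue), byValue.Where());
        Console.WriteLine("by ref:   proxy={0}, runs in {1}", RemotingServices.IsTransparentProxy(byRef), byRef.Where());
        try
        {
            // Constructed path outside baseDir; the file does not need to exist.
            byRef.ReadOutside(Path.Combine(Path.GetTempPath(), "outside-sandbox.bin"));
            Console.WriteLine("read succeeded: sandbox is NOT enforcing");
        }
        catch (SecurityException) { Console.WriteLine("blocked by the sandbox permission set"); }
        catch (IOException) { Console.WriteLine("reached the file system: sandbox is NOT enforcing"); }
        AppDomain.Unload(sandbox);
    }
}
```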