Hi :) This is a bid foggy, but here goes: We are playing around with application server that is able to receive csharp source code from the end-user via some communication channel, compile it into an assembly at runtime, load the assembly, create instance of certain class within the assembly then execute some functions on it.
The question is, is there a way to restrict that dynamically generated assembly from performing filesystem IO, network IO, registry access or anything else that would allow that assembly to access information outside the scope of the application server. The basic goal is to allow end-useds to create their own plugins that can utilize certain functionality provided by the application server without compromising server security. Thank you for your time!
