> How can I create a separate AppDomain with reduced permission
> to run customer code?

This does it for me: an AppDomain-level policy whose root group grants nothing, with a single child group that grants the "Everything" named set only to code loaded from C:\safe (note that "Everything" is near-full trust, not merely permission to execute):

using System;
using System.Reflection;
using System.Security;
using System.Security.Policy;
using System.Security.Permissions;

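class Class1
{
    // Location that the sandbox treats as trusted. Anything loaded from this URL
    // is granted the "Everything" named set, so the directory must be writable
    // only by the deploying account: whoever can drop a file into C:\safe owns
    // the sandboxed domain. UrlMembershipCondition matches the URL string, so an
    // alternative spelling of the same path (UNC, mapped drive, 8.3 name) does
    // not match and falls through to the root group's "Nothing" grant — that
    // fails closed, which is the safe direction.
    private const string TrustedCodeUrl = "file://C:\\safe\\*";

    static void Main(string[] args)
    {
        AppDomain sandbox = GetNewSecuredAD();
        AppDomain host = AppDomain.CurrentDomain;

        // Both of these run in the current domain, to which the AppDomain-level
        // policy installed below does NOT apply; they are the control cases.
        TryRun("C:\\temp\\foo.exe", host);
        TryRun("C:\\safe\\foo.exe", host);

        // THIS SHOULD BLOW UP: code outside C:\safe only matches the root code
        // group, whose grant set is "Nothing" (no execution permission), so the
        // load fails with a PolicyException.
        TryRun("C:\\temp\\foo.exe", sandbox);

        // Code under C:\safe also matches the child group and is granted
        // "Everything", so it runs.
        TryRun("C:\\safe\\foo.exe", sandbox);
    }

    // Executes the assembly at 'path' inside 'ad' and reports the outcome on the
    // console instead of letting the demo crash.
    //   path: full path of the executable assembly to run.
    //   ad:   domain to run it in; CAS policy is evaluated per domain, so the
    //         same file can succeed in one domain and be refused in another.
    static void TryRun(string path, AppDomain ad)
    {
        try
        {
            ad.ExecuteAssembly(path);
            Console.WriteLine("Execution of {0} succeeded in {1}", path, ad.FriendlyName);
        }
        catch (PolicyException pe)
        {
            // Raised at load time when the resolved grant set does not include
            // the permission to execute (the "Nothing" case above).
            Console.WriteLine("Execution of {0} failed: {1}", path, pe.Message);
        }
        catch (SecurityException se)
        {
            // PolicyException does not derive from SecurityException. This branch
            // covers an assembly that was allowed to load but then failed a
            // demand while running (partial-trust grant sets).
            Console.WriteLine("Execution of {0} was denied: {1}", path, se.Message);
        }
        catch (System.IO.FileNotFoundException fnf)
        {
            // Not a policy decision at all; the demo file is simply missing.
            // Kept separate so a missing file is never mistaken for a sandbox hit.
            Console.WriteLine("Execution of {0} failed: {1}", path, fnf.Message);
        }
    }

    // Creates a new AppDomain whose policy grants nothing by default and the
    // "Everything" named set only to code loaded from C:\safe.
    static AppDomain GetNewSecuredAD()
    {
        return GetNewSecuredAD(TrustedCodeUrl);
    }

    // Creates a new AppDomain whose policy grants nothing by default and the
    // "Everything" named set only to code whose URL matches 'trustedUrl'.
    //   trustedUrl: UrlMembershipCondition pattern, e.g. "file://C:\\safe\\*".
    // Returns the new domain with the policy already applied.
    // Throws ArgumentException if trustedUrl is empty and
    // InvalidOperationException if the built-in named sets are not present
    // (the policy is never installed half-built: fail closed).
    //
    // An AppDomain-level policy level is intersected with the enterprise,
    // machine and user levels, so it can only take permissions away from what
    // those levels already grant; it can never elevate.
    //
    // NOTE(review): "Everything" is not "permission to run" — it is every
    // permission except SkipVerification, i.e. near-full trust. For real
    // customer code grant a named set containing only what that code needs
    // (Execution plus specific permissions) rather than Everything.
    //
    // NOTE(review): PolicyLevel/SetAppDomainPolicy belong to CAS policy, which
    // is obsolete from .NET Framework 4 (SetAppDomainPolicy throws
    // NotSupportedException unless legacy policy is re-enabled). On .NET 4 use
    // the sandboxing overload of AppDomain.CreateDomain that takes a grant set
    // and full-trust assemblies; on .NET Core/5+ AppDomains are not a security
    // boundary at all and customer code needs process-level isolation.
    static AppDomain GetNewSecuredAD(string trustedUrl)
    {
        if (trustedUrl == null || trustedUrl.Length == 0)
        {
            throw new ArgumentException("A trusted code URL is required.", "trustedUrl");
        }

        PolicyLevel pl = PolicyLevel.CreateAppDomainLevel();

        // Look up the built-in named sets up front; a missing set must abort
        // rather than silently turn into an empty PolicyStatement.
        NamedPermissionSet everything = FindNamedSet(pl, "Everything");
        NamedPermissionSet nothing = FindNamedSet(pl, "Nothing");

        // Root group matches all code and grants "Nothing": the default is deny.
        CodeGroup root = new UnionCodeGroup(
            new AllMembershipCondition(),
            new PolicyStatement(nothing));

        // Child group: code from the trusted location is additionally granted
        // "Everything" (union semantics, so it gets Nothing ∪ Everything).
        CodeGroup trusted = new UnionCodeGroup(
            new UrlMembershipCondition(trustedUrl),
            new PolicyStatement(everything));

        // Attach the child before handing the tree to the level, so the level
        // receives the complete tree in one assignment.
        root.AddChild(trusted);
        pl.RootCodeGroup = root;

        // Spit out the policy so it can be inspected.
        Console.WriteLine(pl.ToXml().ToString());

        // The domain is created only once the policy is fully built, and the
        // policy is applied before anything is loaded into it: SetAppDomainPolicy
        // is rejected once the domain has loaded assemblies.
        AppDomain ad = AppDomain.CreateDomain("mynewappdomain");
        ad.SetAppDomainPolicy(pl);

        return ad;
    }

    // Returns the named permission set called 'name' from 'level', or throws
    // InvalidOperationException if the level does not define it.
    static NamedPermissionSet FindNamedSet(PolicyLevel level, string name)
    {
        foreach (NamedPermissionSet ps in level.NamedPermissionSets)
        {
            if (ps.Name == name)
            {
                return ps;
            }
        }

        throw new InvalidOperationException(
            "Policy level does not define the named permission set '" + name + "'.");
    }
}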
