Hello Tomas,
Thanks you for your quick response. The permission assert works very well!
Regarding the StringBuilder you are right the host created instance stays
empty so I had to do a scope.GetVariable<StringBuilder>("output");
To get another copy of the StringBuilder. I also felt this wasn't so neat
but didn't know how to work around that. The StringWriter approach is
better but I always get a SEHException when using it.
Did you have any clue why?
Anyways I'll work more on that later.
Thanks again
Pascal
From: ironruby-core-boun...@rubyforge.org
[mailto:ironruby-core-boun...@rubyforge.org] On Behalf Of Tomas Matousek
Sent: October-03-09 3:36 PM
To: ironruby-core@rubyforge.org
Subject: Re: [Ironruby-core] Running IR in an isolated AppDomain
Adding this:
FileIOPermission f = new FileIOPermission(PermissionState.Unrestricted);
f.AllLocalFiles = FileIOPermissionAccess.Read;
f.Assert();
to GetFileContent method should make the SecurityException go away.
However, passing data out of the sandbox via StringBuilder won't work.
StringBuilder is serializable and not MarshalByRefObject (MBRO). The
instance of StringBuilder created by the host is copied to the sandboxed app
domain, where it is filled with data. The instance the host created will
stay empty though. You need to use some MBRO, like StringWriter:
var sb = new StringBuilder();
var output = new StringWriter(sb);
.
ScriptSource source =
rubyEngine.CreateScriptSourceFromString("output.write(helper.GetFileContent(
))");
.
Console.WriteLine(sb);
Tomas
From: ironruby-core-boun...@rubyforge.org
[mailto:ironruby-core-boun...@rubyforge.org] On Behalf Of Pascal Normandin
Sent: Saturday, October 03, 2009 8:57 AM
To: ironruby-core@rubyforge.org
Subject: [Ironruby-core] Running IR in an isolated AppDomain
Hello,
I'm trying to add scripting capability to a wiki type web application with
IronRuby. I want to run IR in a low trust environment with only access to
variables provided in the scope. Those variables are helper objects that
have access to local resources i.e. FS.
I'm able to create the AppDomain with restricted security, run IR in that
AppDomain and use the helper objet from IR but I have a problem when
invoking a method of the helper object that has access to the file system.
When I call my helper.GetFileContent() method (see below) from the IR
AppDomain I receive the following exception
Request for the permission of type
'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089' failed
At some point I thought that maybe the code is being executed from the IR
AppDomain so I added a check on the AppDomain Name and it is executing in
the Main AppDomain not the IR AppDomain.
Does anyone have an idea why it is behaving like that?
Is this the expected behaviour?
Or do you have any tip to help me troubleshoot and find the root of this?
Thank you;
Pascal Normandin
Here is my Helper class
public class Helper : MarshalByRefObject {
public string GetFileContent() {
var appDomainName = AppDomain.CurrentDomain.FriendlyName;
StreamReader rdr = File.OpenText("C:\\test\\test.txt");
return rdr.ReadToEnd();
}
}
Here is How I create the ScriptRuntime in the AppDomain
protected static ScriptRuntime CreateIronRubyRuntime()
{
// Setup the ruby engine in a Sandbox
var rubySetup = Ruby.CreateRubySetup();
rubySetup.Options["InterpretedMode"] = true;
var runtimeSetup = new ScriptRuntimeSetup();
runtimeSetup.LanguageSetups.Add(rubySetup);
runtimeSetup.DebugMode = false;
AppDomainSetup info = new AppDomainSetup();
info.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory +
"\\bin <file:///\\bin> ";
info.ApplicationName = "Wiki";
PermissionSet ps1 = new PermissionSet(PermissionState.None);
SecurityPermissionFlag flag =
SecurityPermissionFlag.SkipVerification | SecurityPermissionFlag.Execution |
SecurityPermissionFlag.ControlAppDomain;
ps1.AddPermission(new SecurityPermission(flag));
AppDomain newDomain = AppDomain.CreateDomain("IR", null, info,
ps1);
ScriptRuntime runtime = ScriptRuntime.CreateRemote(newDomain,
runtimeSetup);
return runtime;
}
Here is how I execute the IR script
var rubyEngine = Ruby.GetEngine(runtime);
ScriptScope scope = runtime.CreateScope();
StringBuilder sb = new StringBuilder();
scope.SetVariable("output", sb);
Helper helper = new Helper();
scope.SetVariable("helper", helper);
ScriptSource source =
rubyEngine.CreateScriptSourceFromString("output.append(helper.GetFileContent
())");
source.Execute(scope);
_______________________________________________
Ironruby-core mailing list
Ironruby-core@rubyforge.org
http://rubyforge.org/mailman/listinfo/ironruby-core
