I've done something similar in vanilla dotnet 1) compile code using the CSharpCodeProvider 2) create an IMarshalByRefObject implementation that takes the created assembly as a byte[], loads it and can execute the code 3) in the 'manager', create a new AppDomain with low security permissions - load the IMarshalByRefObject 4) can then execute the loaded code
Key things to check 1) IMarshalByRefObject doesn't accidentally cause types to be loaded from the loaded assembly (ie check return types etc) 2) InitialiseLifetimeService correctly setup 3) correct use of code access security linked with the AppDomain permissions This was a pre-roslyn implmentation, would be much easier now. I'd have thought monos eval functionality would be useful too. On 12 January 2015 at 08:30, Ollhax <[email protected]> wrote: > Hrm, interesting. Is it even possible to run Mono with such settings? > > > > -- > View this message in context: > http://mono.1490590.n4.nabble.com/Sandbox-tp4665163p4665171.html > Sent from the Mono - General mailing list archive at Nabble.com. > _______________________________________________ > Mono-list maillist - [email protected] > http://lists.ximian.com/mailman/listinfo/mono-list >
_______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
