That's the theory - unfortunately I'm not sure exactly what knobs to twist in the CLR to accomplish it though.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Cummings Sent: Friday, March 28, 2008 9:46 AM To: Discussion of IronPython Subject: Re: [IronPython] DLR Hosting Question I was afraid of that. So, if I am reading your response correctly... I can from my Apps AppDomain ( Primary ) create a second AppDomain ( Secondary ) which has limited permissions, specifically for me loading assemblies. I can then use the DLR in the Secondary AppDomain and use the DLR API to load the Assemblies I want. That about sum it up. I know that there may be ways around it, I'm just trying to be secure enough at this point. Thanks, Michael On Thu, Mar 27, 2008 at 8:50 PM, Dino Viehland <[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>> wrote: There's no way to currently do this from the DLR and I suspect it's beyond the scope of both the DLR and IronPython. What you might be able to do is create an AppDomain with limited permissions and therefore prevent the loading of assemblies at the lower level. Once you've done that the DLR hosting APIs have support for loading them in a remote app domain. The reason why we wouldn't do this directly is it's very hard to prevent access. Once you can do import clr you can do: clr.GetClrType(str).Assembly.System.Reflection.Assembly.Load(...) and there's likely other ways to get around any walls we could put up (e.g. 'abc'.GetType().Assembly... not to mention any othe APIs that could return types). From: [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]> [mailto:[EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>] On Behalf Of Michael Cummings Sent: Thursday, March 27, 2008 12:01 PM To: Discussion of IronPython Subject: [IronPython] DLR Hosting Question Hi all, I'm putting together a seminar at our local Code Camp for hosting the DLR and integration with applications. The hosting spec pdf is great however I do have (at least) one question that isn't explained very well in the doc. How can I restrict what assemblies can be loaded by a ScriptScope? To explain further: If I use the following code to load a py script file ScriptRuntime env = ScriptRuntime.Create(); ScriptEngine eng = env.GetEngineByFileExtension( "py" ); ScriptSource source = eng.CreateScriptSourceFromString( form.Source, SourceCodeKind.File ); source.Execute(); Where form.Source is a string containing this : import sys import clr clr.AddReference("System.Windows.Forms") clr.AddReference("System") clr.AddReference("Microsoft.Xna.Framework") clr.AddReference("Microsoft.Xna.Framework.Graphics") clr.AddReference("Microsoft.Xna.Framework.Input") clr.AddReference("Bnoerj.AI.Steering.Demo.Plugins.Ctf") from Bnoerj.AI.Steering.Demo.Plugins.Ctf import CtfBase, Globals class CtfPythonSeeker(CtfBase): def __init__(self): Reset() def Reset(self): Globals.Instance.Seeker = self How can I prevent some references from being referenced, like "Microsoft.Xna.Framework" but allow "Bnoerj.AI.Steering.Demo.Plugins.Ctf"? Thanks in advance Michael _______________________________________________ Users mailing list Users@lists.ironpython.com<mailto:Users@lists.ironpython.com> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
_______________________________________________ Users mailing list Users@lists.ironpython.com http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
