Dody Gunawinata wrote:
In the IronPython hosting API, unless you specifically load the
assembly, it will not be accessible through the script. So right now
restricting access means configuring the assemblies you want to expose
to the script.
But what is to stop the user code doing:
import clr
clr.AddReference('SomeAssembly')
Loading the ScriptRuntime into an AppDomain and restricting the
privileges on that is one way - but I don't think that IronPython will
work at all unless the AppDomain has pretty much full trust.
Michael Foord
On Mon, Jun 30, 2008 at 3:09 PM, Ben Hall <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
I thought this last night, it would be really useful if we could
'sandbox' the IP engine and limit it's access to certain areas of the
framework.
On Mon, Jun 30, 2008 at 12:57 PM, Rainer Worbis
<[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote:
> No - for example i would like to prevent that the user loads
assemblies and does own data access via System.Data.SqlClient.
> Or uses specific parts of the applications. (which should be
visible to other scripts). So access control per script would be
optimal.
>
> Rainer
>
> -----Ursprüngliche Nachricht-----
> Von: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
[mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] Im Auftrag von
Korbinian Abenthum
> Gesendet: Montag, 30. Juni 2008 13:47
> An: Discussion of IronPython
> Betreff: Re: [IronPython] restrict scripting access
>
> Rainer Worbis wrote:
>> is there a way to restrict access to objects or namespaces
>> within a script? We use IronPython for providing scripting
>> functionality within our .NET Application but would like to
>> restrict access to certain functions. Has anybody information
>> or a sample how to do that?
>
> Can you declare the restricted objects as "internal"?
>
> Cheers,
> Korbinian
> _______________________________________________
> Users mailing list
> [email protected] <mailto:[email protected]>
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
> _______________________________________________
> Users mailing list
> [email protected] <mailto:[email protected]>
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
_______________________________________________
Users mailing list
[email protected] <mailto:[email protected]>
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
--
nomadlife.org <http://nomadlife.org>
------------------------------------------------------------------------
_______________________________________________
Users mailing list
[email protected]
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
--
http://www.ironpythoninaction.com/
http://www.voidspace.org.uk/
http://www.trypython.org/
http://www.ironpython.info/
http://www.resolverhacks.net/
http://www.theotherdelia.co.uk/
_______________________________________________
Users mailing list
[email protected]
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
