我正在尝试为我的应用程序添加插件系统。我已经用一个受限的权限集创建了沙盒 AppDomain。当沙盒 AppDomain 中的代码引发一个应当由受信任代码所在的域来处理的事件时,问题就出现了。我写了一个简单的应用程序来演示这个问题。
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;
namespace SandBoxTest
{
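/// <summary>
/// Host side of the repro: creates a partial-trust AppDomain named "Sandbox",
/// instantiates <see cref="RemoteObject"/> inside it, subscribes a handler to
/// its event and asks the sandboxed object to raise that event.
/// </summary>
class Program
{
    /// <summary>
    /// Builds the sandbox, wires the event handler and triggers the event.
    /// </summary>
    /// <param name="args">Command-line arguments; not used.</param>
    static void Main(string[] args)
    {
        // Grant set handed to the sandbox. It contains no FileIOPermission, so a
        // FileIOPermission demand evaluated against the sandbox is refused.
        //
        // NOTE(review): this is not a restrictive grant. SecurityPermissionFlag.AllFlags
        // includes UnmanagedCode, SkipVerification, Assertion, ControlAppDomain,
        // ControlPolicy and ControlEvidence, and ReflectionPermission is unrestricted.
        // Code holding UnmanagedCode is outside the reach of CAS, so a plug-in loaded
        // with this set should be treated as fully trusted. A real plug-in host would
        // start from SecurityPermissionFlag.Execution and add only what it can justify.
        // The grants are kept as posted so the sample still shows the reported failure.
        var permissionSet = new PermissionSet(PermissionState.None);
        permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.AllFlags));
        permissionSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));

        // NOTE(review): ApplicationBase is the host's own directory, so the sandbox can
        // load every assembly the host ships. A dedicated plug-in directory keeps
        // host-only assemblies out of the sandbox's probing path.
        var setup = new AppDomainSetup
        {
            ApplicationBase = AppDomain.CurrentDomain.BaseDirectory
        };

        var sandBoxDomain = AppDomain.CreateDomain("Sandbox", null, setup, permissionSet);

        // Direct cast instead of "as": if the unwrapped object is not a RemoteObject
        // this fails here with InvalidCastException rather than later with a
        // NullReferenceException on the event subscription.
        var remoteObject = (RemoteObject)sandBoxDomain.CreateInstanceAndUnwrap(
            typeof(RemoteObject).Assembly.FullName,
            typeof(RemoteObject).FullName);

        remoteObject.EventFromSandBox += HandlerInTrustedDomainOnEventFromSandBox;
        remoteObject.RaiseEventFromSandBox();

        Console.ReadKey();
    }

    /// <summary>
    /// Handler subscribed to <see cref="RemoteObject.EventFromSandBox"/>; reads
    /// C:\passwords.txt and discards the content.
    /// </summary>
    /// <remarks>
    /// In this repro the read is reported to fail with a SecurityException for
    /// FileIOPermission: the event is raised from the sandbox, whose grant set has
    /// no file access, and the demand made by the file API takes the sandbox into
    /// account.
    /// NOTE(review): confirm in which domain this static handler actually runs once
    /// the delegate has crossed the AppDomain boundary; hosting the handler on a
    /// MarshalByRefObject created in the trusted domain makes that explicit.
    /// If the host must do privileged work in response to a plug-in event, do it in
    /// fully trusted code that asserts only the exact permission required, e.g.
    /// new FileIOPermission(FileIOPermissionAccess.Read, path).Assert() paired with
    /// CodeAccessPermission.RevertAssert() in a finally block. An assert makes the
    /// host vouch for its callers, so the path and the decision to read must never
    /// be controlled by the plug-in. Do not widen the sandbox grant set instead.
    /// </remarks>
    private static void HandlerInTrustedDomainOnEventFromSandBox()
    {
        File.ReadAllText(@"C:\passwords.txt");
    }
}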
/// <summary>
/// Object that the host instantiates inside the sandbox AppDomain. Deriving from
/// <see cref="MarshalByRefObject"/> lets a caller in another AppDomain hold a
/// proxy to it instead of a copy.
/// </summary>
class RemoteObject : MarshalByRefObject
{
    /// <summary>
    /// Raised by <see cref="RaiseEventFromSandBox"/>.
    /// NOTE(review): subscribers from another AppDomain hand a delegate across the
    /// boundary; treat every subscriber as running under the permissions of the
    /// code that raises the event unless the handler asserts otherwise.
    /// </summary>
    public event Action EventFromSandBox;

    /// <summary>
    /// Invokes the current subscribers of <see cref="EventFromSandBox"/>, if any.
    /// </summary>
    public void RaiseEventFromSandBox()
    {
        // Snapshot the delegate so the null check and the call see the same value.
        Action subscribers = EventFromSandBox;
        if (subscribers == null)
        {
            return;
        }

        subscribers();
    }
}
}
在此示例中,会抛出如下异常:“请求类型为 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' 的权限失败”。
如果没有安全检查,我应该怎样处理来自沙盒域的事件?