Question

我正在使用Visual Studio中的一个小沙箱项目。这是我的代码：

namespace Andromeda.PCTools
{
    public partial class Sandbox : MetroForm
    {
        private AppDomain sandbox;

        public Sandbox()
        {
            InitializeComponent();
        }

        private void Sandbox_Load(object sender, EventArgs e)
        {

        }

        private void btnAdd_Click(object sender, EventArgs e)
        {
            using (OpenFileDialog ofd = new OpenFileDialog() { Filter = "Applications|*.exe", ValidateNames = true, Multiselect = false })
            {
                if (ofd.ShowDialog() == DialogResult.OK)
                {
                    listBoxItems.Items.Add(ofd.FileName);

                }
            }
        }

        private void removeSelectedToolStripMenuItem_Click(object sender, EventArgs e)
        {
            if (listBoxItems.SelectedItems.Count != 0)
            {
                while (listBoxItems.SelectedIndex != -1)
                {
                    listBoxItems.Items.RemoveAt(listBoxItems.SelectedIndex);
                }
            }
        }

        private void btnLoad_Click(object sender, EventArgs e)
        {
            PermissionSet ps = new PermissionSet(PermissionState.None);
            ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));

            AppDomainSetup setup = new AppDomainSetup();

            Evidence ev = new Evidence();
            //ev.AddHostEvidence(new Zone(SecurityZone.Internet));
            PermissionSet internetPS = SecurityManager.GetStandardSandbox(ev);

            setup.ApplicationBase = Path.GetFullPath(Application.StartupPath);



            //StrongName fullTrustAssembly = typeof(Sandboxer).Assembly.Evidence.GetHostEvidence<StrongName>();

            sandbox = AppDomain.CreateDomain(listBoxItems.SelectedItem.ToString(), ev, setup, ps);

            try
            {
                sandbox.ExecuteAssembly(listBoxItems.SelectedItem.ToString());
                btnLoad.Enabled = false;
                btnUnload.Enabled = true;
            }
            catch (Exception ex)
            {
                MessageBox.Show("The following error occurred!\n" + ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }

        }

        private void btnUnload_Click(object sender, EventArgs e)
        {
            try
            {
                AppDomain.Unload(sandbox);
                btnLoad.Enabled = true;
                btnUnload.Enabled = false;
            }
            catch (Exception ex)
            {
                MessageBox.Show("The following error occurred!\n" + ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }

        }

    }
}

但我收到以下错误：

抛出异常：Andromeda中的'System.Security.SecurityException' 4.0.exe（“请求类型'System.Security.Permissions.FileIOPermission，mscorlib的权限， Version = 4.0.0.0，Culture = neutral，PublicKeyToken = b77a5c561934e089' 失败“。）

Answer 1

您授予沙箱程序集执行权限，但您还需要向权限集添加FileIOPermission，从而授予其访问文件系统的权限。请尝试以下方法：

ps.AddPermission(new FileIOPermission(PermissionState.Unrestricted));

选择适当的配置IO权限的方式。在我的例子中它不受限制，但这是一个沙盒。您可以选择将其锁定一点:)根据需要选择合适的构造函数。

C＃沙盒环境

1 个答案: