Question

我有这个类，我在AppDomain中创建的实例没有权限，只有SecurityPermissionFlag.Execute：

class IsolationEntryPoint : MarshalByRefObject
{
    // main is the original AppDomain with all the permissions
    public void Enter(AppDomain main)
    {
        // these work correctly
        Console.WriteLine("Currently in: " + AppDomain.CurrentDomain.FriendlyName);
        Console.WriteLine("Host: " + main.FriendlyName);

        // the exception is thrown here
        main.DoCallBack(this.MyCallBack);
    }

    public void MyCallBack()
    {
        Console.WriteLine("Currently in: " + AppDomain.CurrentDomain.FriendlyName);
    }
}

奇怪的是我在DoCallback行中得到了SecurityException：

请求类型的许可 'System.Security.Permissions.ReflectionPermission，mscorlib， Version = 4.0.0.0，Culture = neutral，PublicKeyToken = b77a5c561934e089' 失败。

MSDNsays this关于AppDomain.DoCallBack的权限要求：

ReflectionPermission在通过诸如此类机制进行后期绑定时调用作为Type.InvokeMember。

电话没有使用Type.InvokeMember这样的内容，为什么我会收到例外？

修改：

为清楚起见，这里是我用来创建带有隔离对象的AppDomain的代码：

    [STAThread]
    static void Main(string[] args)
    {

        var setup = new AppDomainSetup();
        setup.ApplicationBase = Path.GetDirectoryName(Assembly.GetExecutingAssembly().CodeBase);

        var evidence = new Evidence();

        var permissions = new PermissionSet(PermissionState.None);
        permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));

        var domain = AppDomain.CreateDomain(
            "isolationDomain",
            evidence,
            setup,
            permissions);

        var handle = Activator.CreateInstanceFrom(
            domain, typeof(IsolationEntryPoint).Assembly.ManifestModule.FullyQualifiedName,
            typeof(IsolationEntryPoint).FullName);

        var instance = (IsolationEntryPoint)handle.Unwrap();

        instance.Enter(AppDomain.CurrentDomain);
    }

这两段代码是我的完整应用程序，没有别的（所以异常应该很容易重现）。

感谢您的帮助

Answer 1

解决方案实际上非常简单：您错过了将 public 访问修饰符添加到class IsolationEntryPoint，即更改类签名之后，样本运行正常：

public class IsolationEntryPoint : MarshalByRefObject
{
    // [...]
}

Answer 2

我尝试了下面的内容，似乎有效。

class Program
{

    static void Main(string[] args)
    {
        SecurityPermission t = new SecurityPermission(SecurityPermissionFlag.Execution);
        t.Demand();
        IsolationEntryPoint x = new IsolationEntryPoint();
        x.Enter(AppDomain.CurrentDomain);
    }
}


class IsolationEntryPoint : MarshalByRefObject
{
    // main is the original AppDomain with all the permissions 
    public void Enter(AppDomain main)
    {
        // these work correctly 
        Console.WriteLine("Currently in: " + AppDomain.CurrentDomain.FriendlyName);
        Console.WriteLine("Host: " + main.FriendlyName);

        // the exception is thrown here 
        main.DoCallBack(this.MyCallBack);
    }

    public void MyCallBack()
    {
        Console.WriteLine("Currently in: " + AppDomain.CurrentDomain.FriendlyName);
    }
}

AppDomain.DoCallBack需要ReflectionPermission吗？

2 个答案: