c#SecurityException中的沙盒ironpython

时间:2012-01-31 06:22:15

标签: c# python sandbox

好吧这就是我所拥有的

private static AppDomain CreateSandbox()
{
  var permissions = new PermissionSet(PermissionState.None);
  permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));

  permissions.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read| FileIOPermissionAccess.PathDiscovery, AppDomain.CurrentDomain.BaseDirectory));
  var appinfo = new AppDomainSetup();
  appinfo.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory;

  return AppDomain.CreateDomain("Scripting sandbox", null, appinfo, permissions, fullTrustAssembly);
}

当我尝试加载一些破解的python代码时

try
{
    var src = engine.CreateScriptSourceFromString(s.Python, SourceCodeKind.Statements);
    src.Execute(ActionsScope);
}
catch (Exception e)
{
    ExceptionOperations eo = engine.GetService<ExceptionOperations>();
    string error = eo.FormatException(e);
    Debug.WriteLine(error);
}

这给了我一个SecurityException,而不是让我看到代码中的实际异常。 如果我设置PermissionSet(PermissionState.Unrestricted)它可以正常工作。

有关获取这些爆破错误所需的权限的任何想法?

System.Security.SecurityException was caught
  Message=Request failed.
  Source=Microsoft.Scripting
  GrantedSet=<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Read="F:\Programming\OCTGN\octgnFX\Octgn\bin\ReleaseMode with Debug\"
PathDiscovery="F:\Programming\OCTGN\octgnFX\Octgn\bin\ReleaseMode with Debug\"/>
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution"/>
</PermissionSet>

  PermissionState=<PermissionSet class="System.Security.PermissionSet"
version="1"
Unrestricted="true"/>

  RefusedSet=""
  Url=file:///F:/Programming/OCTGN/octgnFX/Octgn/bin/ReleaseMode with Debug/Microsoft.Scripting.DLL
  StackTrace:
       at Microsoft.Scripting.SyntaxErrorException.GetObjectData(SerializationInfo info, StreamingContext context)
       at System.Runtime.Serialization.ObjectCloneHelper.GetObjectData(Object serObj, String& typeName, String& assemName, String[]& fieldNames, Object[]& fieldValues)
       at Microsoft.Scripting.Hosting.ScriptSource.Execute(ScriptScope scope)
       at Octgn.Scripting.Engine.LoadScripts() in F:\Programming\OCTGN\octgnFX\Octgn\Scripting\Engine.cs:line 58
  InnerException:

2 个答案:

答案 0 :(得分:1)

基于堆栈跟踪,代码中存在语法错误,因此Python运行时抛出SyntaxErrorException。该异常未被捕获,因此必须跨应用程序域边界进行序列化。

我认为现在的问题是GetObjectData()的方法SyntaxErrorException被标记为[SecurityCritical],这意味着它只能由完全受信任的代码调用。

答案 1 :(得分:1)

您可能想要尝试ObjectHandle ExecuteAndWrap(ScriptScope范围,OutHandle异常)重载。当您只是捕获异常时,它会在被抛出时从远程域封送到您的域,然后在调用FormatException时返回到远程域。看起来好像是在编组回到您的应用程序域时发生了异常。

如果你调用ExecuteAndWrap重载,那么你只需获得结果的句柄和可能的异常并避免序列化 - 然后你可以将句柄传递回ExceptionOperations.FormatException。

相关问题
最新问题