Geek Answers Handbook

Restrict access to assembler plugin

I would like to create a plug-in architecture where I can limit the assembly API to something very limited, i.e. Allow only the whitelist of functions. Is it possible to limit what functions / methods a plug-in can call? Can I do this with AppDomains?

Does anyone have a simple example?

+5
source share
3 answers

.NET has added a “Managed Addin Framework” that can match the score. It has the following features:

. MAF . , , , .

UI, ( ) AppDomain . , MAF .

. "", . ( ):

public abstract class Calculator 
{
    public abstract double Add(double a, double b);    
    public abstract double Subtract(double a, double b);
    public abstract double Multiply(double a, double b);
    public abstract double Divide(double a, double b);
}

, "Addin":

[AddIn("Sample Calculator AddIn", Version="1.0.0.0")]
public class SampleCalculatorAddIn : Calculator
{
    public override double Add(double a, double b)
    {
        return a + b;
    }
    public override double Subtract(double a, double b)
    {
        return a-b;
    }
    public override double Multiply(double a, double b)
    {
        return a * b;
    }
    public override double Divide(double a, double b)
    {
        return a / b;
    }
}

:

// In this sample we expect the AddIns and components to 
// be installed in the current directory
String addInRoot = Environment.CurrentDirectory;

// Check to see if new AddIns have been installed
AddInStore.Rebuild(addInRoot);

// Look for Calculator AddIns in our root directory and 
// store the results
Collection<AddInToken> tokens = 
    AddInStore.FindAddIns(typeof(Calculator), addInRoot);

// Ask the user which AddIn they would like to use
AddInToken calcToken = ChooseCalculator(tokens);

// Activate the selected AddInToken in a new AppDomain set sandboxed 
// in the internet zone. You can find out what this gives access
// to by running "mscorcfg.msc", but essentially this will limit
// any access to the filesystem and other obvious OS services.
// Use of reflection is also very limited in this zone.
Calculator calculator = 
    calcToken.Activate<Calculator>(AddInSecurityLevel.Internet);

// Run the read-eval-print loop
RunCalculator(calculator);

. , , .


https://web-beta.archive.org/web/20140820145919/http://msdn.microsoft.com/en-us/magazine/cc163476.aspx

MSDN
http://msdn.microsoft.com/en-us/library/bb384200.aspx

System.Addin Codeplex ( )
http://www.codeplex.com/clraddins

Pipeline Builder ( )
http://clraddins.codeplex.com/wikipage?title=Pipeline%20Builder&referringTitle=Home

Fx-Cop System.Addin
http://clraddins.codeplex.com/wikipage?title=Add-in%20FxCop%20Rules&referringTitle=Home

+11

internal anytihng, , , . - ?

, :

  • " "
  • AssemblyInfo.cs, InternalsVisibleTo . : [InternalsVisibleTo("fullNameOfAssemblyFromOtherLibrariesAssemblyInfoFile")]
  • Ta-da, ! ( Reflection, )
+1

.

.

http://www.15seconds.com/Issue/040121.htm

AppDomain

EDIT: It is rather difficult to provide sample code. But MSDN should give you some good tips: http://msdn.microsoft.com/en-us/library/yctbsyf4(VS.71).aspx

0
source

More articles:


All Articles