Geek Answers Handbook

C # fully trusted build with SecuritySafeCritical funciton still throws SecurityExceptions

I am trying to create an isolated AppDomain for loading extensions / plugins. I have a MarshalByRefObject which in the instance inside appdomain loads the dll. I get SecurityExceptions when I try to load DLLs, and I cannot figure out how to get around them, still limiting what third-party code can do. All my projects are.net 4.

The InDomainLoader class is in a fully trusted domain, this method is marked as SecuritySafeCritical. From everything I read, I think it should work.

Here is my Loader class that creates the AppDomain and jumps into it:

public class Loader { public void Load(string dll, string typeName) { Log.PrintSecurity(); // Create new AppDomain var setup = AppDomain.CurrentDomain.SetupInformation; var permissions = new PermissionSet(null); permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); var strongname = typeof(InDomainLoader).Assembly.Evidence.GetHostEvidence<StrongName>(); var strongname2 = typeof(IPlugin).Assembly.Evidence.GetHostEvidence<StrongName>(); AppDomain domain = AppDomain.CreateDomain("plugin", null, setup, permissions, strongname, strongname2); // Create instance var loader = (InDomainLoader)domain.CreateInstanceAndUnwrap( typeof (InDomainLoader).Assembly.FullName, typeof (InDomainLoader).FullName); // Jump into domain loader.Load(dll, typeName); } }

And here is the bootloader that runs in the domain:

 public class InDomainLoader : MarshalByRefObject { [SecuritySafeCritical] public void Load(string dll, string typeName) { Log.PrintSecurity(); var assembly = Assembly.LoadFrom(dll); // <!-- SecurityException! var pluginType = assembly.GetType(typeName); var demoRepository = new DemoRepository(); var plugin = (IPlugin)Activator.CreateInstance(pluginType, demoRepository); Console.WriteLine(plugin.Run()); } }

Some registration statements report that the IsFullyTrusted assembly is true and the method has both IsSecurityCritical and IsSecuritySafeCritical true, IsSecurityTransparent false.

I pinned the entire project to http://davidhogue.com/files/PluginLoader.zip in case this makes it easier.

If anyone has any ideas, I will be very grateful. I seem to be stuck in a dead end.

+4
source share
1 answer

Good for starters, you probably shouldn't check the SecuritySafeCritical feature, as this means that unnamed callers can call you, which you probably don't really want (not that this is a serious problem).

As for your problem, the problem is that by default you still don't have any special permissions, the usual easy way to build is to create your own AppDomainSetup and specify its ApplicationBase in some plugins directory (this is not a bad idea at all) , you can use regular Assembly.Load ("AssemblyName") to load from the database. However, if you must load an arbitrary file, you need to specify FileIOPermission for the dll plugin (full path), i.e.

 private Assembly LoadAssemblyFromFile(string file) { FileIOPermission perm = new FileIOPermission(FileIOPermissionAccess.AllAccess, file); perm.Assert(); return Assembly.LoadFile(file); }
+6
source

More articles:


All Articles