.NET DLR safe or sandbox isolated script

I use the DLR in a small part of a larger C# project, with IronPython as the language.

For some parts of the system, the user can enter a small script to customize the behavior for them. What I would like to do is to restrict them to writing pure functions free of side effects, or to run them in some form of sandbox, so that their function cannot touch anything outside.

In addition, the user can only enter the body of the function; the function header and the argument specification are automatically prepended in code before it is passed to the DLR Python engine, so the C# side of the system that calls it knows which arguments to pass and what is returned. Users will only need to perform simple operations and tests based solely on the values presented as arguments.

E.g.

this is normal: return (a * 100) > b;

this is not normal: delete_file_system(); return (a * 100) > b;

How can this be achieved? Is there a better language or technology choice?

+6
ironpython dynamic-language-runtime
1 answer

The way to do this is to create an isolated application domain and then run a script in that application domain. You can find instructions for creating a stand-alone domain here: http://msdn.microsoft.com/en-us/library/bb763046.aspx

To run code in the application domain, you can use the Python.CreateEngine overload, which accepts an AppDomain. Then all the code executed in this engine will be run in this application domain.

If you want the user code to call back into your host, you can create a class that derives from MarshalByRefObject and place it in the scope for them to access and call back on. The calls will go to your regular application domain and you can do whatever you normally can do.

There are also many APIs on ObjectOperations and ScriptScope that work with ObjectHandles to perform operations on objects in a remote domain.

+7
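The approach in the answer above, sketched as an added example (not code from the original answer or from the IronPython project). It assumes IronPython 2.7 on .NET Framework 4.x, where partially trusted AppDomains are available; `SandboxedRule`, `Wrap`, `Evaluate` and the function name `check` are hypothetical names chosen here.

```csharp
using System;
using System.Linq;
using System.Runtime.Remoting;
using System.Security;
using System.Security.Permissions;
using IronPython.Hosting;
using Microsoft.Scripting;
using Microsoft.Scripting.Hosting;

static class SandboxedRule
{
    // Hypothetical helper: the host owns the header, the user supplies only the body.
    static string Wrap(string body)
    {
        var lines = body.Replace("\r\n", "\n").Split('\n').Select(l => "    " + l);
        return "def check(a, b):\n" + string.Join("\n", lines) + "\n";
    }

    public static bool Evaluate(string userBody, int a, int b)
    {
        // Grant set: permission to execute and nothing else (no file, network,
        // registry, reflection or unmanaged-code permissions).
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
        AppDomain sandbox = AppDomain.CreateDomain("UserScriptSandbox", null, setup, grant);
        try
        {
            ScriptEngine engine = Python.CreateEngine(sandbox);   // engine lives in the sandbox
            ScriptScope scope = engine.CreateScope();
            engine.CreateScriptSourceFromString(Wrap(userBody), SourceCodeKind.Statements)
                  .ExecuteAndWrap(scope);                         // defines check() remotely
            // The function object stays in the sandbox; the host only holds handles.
            ObjectHandle check = scope.GetVariableHandle("check");
            ObjectHandle result = engine.Operations.Invoke(check, new object[] { a, b });
            return engine.Operations.Unwrap<bool>(result);
        }
        finally
        {
            AppDomain.Unload(sandbox);   // discard everything the script created
        }
    }

    static void Main()
    {
        // Constructed sample bodies: the rule from the question, and one that
        // asks for file access, which the grant set above does not include.
        foreach (var body in new[] { "return (a * 100) > b", "open('probe.txt', 'w')\nreturn True" })
        {
            try { Console.WriteLine(Evaluate(body, 5, 300)); }
            catch (Exception ex) { Console.WriteLine("rejected: " + ex.GetType().Name); }
        }
    }
}
```

The permission set restricts what the script can reach, not how long it runs or how much memory it allocates, so a looping or allocation-heavy body still needs a separate timeout or watchdog in the host.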