Jaa


ZoneSandboxAppDomainManager.cs

  1  using System;
  2  using System.Reflection;
  3  using System.Security;
  4  using System.Security.Policy;
  5
  6  namespace AppDomainManagers
  7  {
  8      public sealed class ZoneSandboxAppDomainManager : AppDomainManager
  9      {
 10          private AppDomain internetDomain = null;
 11          private AppDomain localIntranetDomain = null;
 12          private AppDomain myComputerDomain = null;
 13
 14           /// <summary>
 15           ///      Create a new AppDomain
 16           /// </summary>
 17           /// <remarks>
 18           ///      Provides a new AppDomain using the following algorithm: 
 19           /// 
 20           ///      1. If this is not the default domain, return the current domain
 21           ///      2. All new domains get an ApplicationBase of the plugins directory
 22           ///      3. Put all requests to create domains for the MyComputer zone in a single domain
 23           ///      4. Put all requests to create domains for the Intranet zone in a single domain
 24           ///      5. Put all requests to create domains for the Internet zone in a single domain
 25           /// 
 26           ///      Note: This is not thread-safe. 
 27           /// </remarks>
 28           /// <param name="friendlyName">Friendly name of the AppDomain to create</param>
 29           /// <param name="securityInfo">Evidence to create the AppDomain with</param>
 30           /// <param name="appDomainSetup">Information about the new domain</param>
 31          public override AppDomain CreateDomain(string friendlyName,
 32              Evidence securityInfo, AppDomainSetup appDomainInfo)
 33          {
 34               // 1. if this is not the default domain, then just return the current domain
 35              if(!AppDomain.CurrentDomain.IsDefaultAppDomain())
 36                  return AppDomain.CurrentDomain;
 37
 38               // 2. All new domains get an ApplicationBase of the plugins directory
 39              appDomainInfo.ApplicationBase =
 40                  AppDomain.CurrentDomain.SetupInformation.ApplicationBase + @"\plugins";
 41
 42               // make sure there is some evidence
 43              if(securityInfo == null)
 44                  securityInfo = new Evidence();
 45
 46               // find the security zone, defaulting to Internet
 47              Zone zone = null;
 48              foreach(object evidence in securityInfo)
 49                  if(evidence is Zone)
 50                      zone = evidence as Zone;
 51
 52              if(zone == null)
 53              {
 54                  zone = new Zone(SecurityZone.Internet);
 55                  securityInfo.AddHost(zone);
 56              }
 57
 58               // figure out which AppDomain to get
 59              switch(zone.SecurityZone)
 60              {
 61                   // 3. Put all requests to create domains for the MyComputer zone in a single domain
 62                  case SecurityZone.MyComputer:
 63                      if(myComputerDomain == null)
 64                          myComputerDomain = CreateDomainHelper("MyComputer Plugins",
 65                                  securityInfo, appDomainInfo);
 66                      return myComputerDomain;
 67
 68                   // 4. Put all requests to create domains for the Intranet zone in a single domain
 69                  case SecurityZone.Intranet:
 70                      if(localIntranetDomain == null)
 71                          localIntranetDomain = CreateDomainHelper("LocalIntranet Plugins",
 72                                  securityInfo, appDomainInfo);
 73                      return localIntranetDomain;
 74
 75                   // 5. Put all requests to create domains for the Internet zone in a single domain
 76                  case SecurityZone.Internet:
 77                  default:
 78                      if(internetDomain == null)
 79                          internetDomain = CreateDomainHelper("Internet Plugins",
 80                                  securityInfo, appDomainInfo);
 81                      return internetDomain;
 82              }
 83          }
 84      }
 85  }
 

Comments

  • Anonymous
    January 19, 2010
    5 years later, would you still use this approach for loading untrusted 3rd party plugins, or would you recommend a different approach to sandboxing an app domain? I have a scenario where I am writing code that is explicitly responsible for loading code written by untrust(ed/able) 3rd parties.

  • Anonymous
    February 24, 2010
    5 years later, we now ship frameworks such as the Managed Extensibility Framework and Managed AddIn Framework that take care of lots of the security and versioning issues for you.  I would recommend checking those out to see if they meet your needs before rolling your own implementation. -Shawn