public static void ExecuteInMediumTrust(Action action) { #if !MEDIUM_TRUST Assert.Inconclusive("Medium trust is obsolete"); #endif SandBoxer.ExecuteInMediumTrust(action.Method, null); }
public static void ExecuteInMediumTrust(MethodInfo methodInfo, object parameter) { #if !MEDIUM_TRUST Assert.Inconclusive("Medium trust is only valid for signed builds"); #endif Type type = methodInfo.DeclaringType; // Instance methods are not supported because in common use, caller is in full trust if (!methodInfo.IsStatic) { throw new ArgumentException("The method " + type.Name + "." + methodInfo.Name + " must be static"); } if (methodInfo.GetParameters().Length > 1) { throw new ArgumentException("The method " + type.Name + "." + methodInfo.Name + " accepts an unexpected number of parameters"); } string methodName = methodInfo.Name; string typeName = methodInfo.DeclaringType.FullName; string assemblyName = methodInfo.DeclaringType.Assembly.FullName; string pathToAssembly = methodInfo.DeclaringType.Assembly.Location; // TODO (wilcob, roncain): Parse web_mediumtrust.config for a 100% correct sandboxed appdomain. // Use Intranet permission because that is how our framework is run in ASP.NET Evidence evidence = new Evidence(); evidence.AddHostEvidence(new Zone(SecurityZone.Intranet)); PermissionSet permSet = SecurityManager.GetStandardSandbox(evidence); // We want the sandboxer assembly's strong name, so that we can add it to the full trust list StrongName sandBoxAssembly = typeof(SandBoxer).Assembly.Evidence.GetHostEvidence <StrongName>(); AppDomainSetup adSetup = new AppDomainSetup(); adSetup.ApplicationBase = Path.GetFullPath(pathToAssembly); // We need the following to be fully trusted: // SandBoxer: does Reflection to invoke down to partial trust StrongName[] fullTrustAssemblies = new StrongName[] { sandBoxAssembly, }; // DataAnnotations is in the GAC and will run full trust unless we ask otherwise string[] partialTrustAssemblies = new string[] { typeof(System.ComponentModel.DataAnnotations.ValidationAttribute).Assembly.FullName, }; adSetup.PartialTrustVisibleAssemblies = partialTrustAssemblies; AppDomain newDomain = AppDomain.CreateDomain("SandBox", null, adSetup, permSet, fullTrustAssemblies); // Use CreateInstanceFrom to load an instance of the Sandboxer class into the new AppDomain. ObjectHandle handle = Activator.CreateInstanceFrom( newDomain, typeof(SandBoxer).Assembly.ManifestModule.FullyQualifiedName, typeof(SandBoxer).FullName ); // Unwrap the new domain instance into an reference in this domain and use it to // execute the untrusted code SandBoxer newDomainInstance = handle.Unwrap() as SandBoxer; Exception exception = null; try { newDomainInstance.ExecuteUntrustedCode(assemblyName, typeName, methodName, parameter); } catch (TargetInvocationException tie) { exception = tie.InnerException == null ? tie : tie.InnerException; } catch (Exception ex) { exception = ex; } if (exception != null) { throw (exception is AssertFailedException) ? exception : new AssertFailedException(exception.Message, exception); } }
public static void ExecuteInMediumTrust <T>(Action <T> action, T parameter) { SandBoxer.ExecuteInMediumTrust(action.Method, parameter); }
public static void ExecuteInMediumTrust(Action action) { SandBoxer.ExecuteInMediumTrust(action.Method, null); }