public SandboxHost(JsonRpcClient rpcClient, string sandboxWorkPath)
{
SandboxWorkPath = sandboxWorkPath;
HostingClient = proxyBuilder.CreateProxy <IHostingClient>(rpcClient);
callbackHandler = new HostCallbackHandler(this);
}
public Sandbox(int id, string name, string workPath, IEnumerable <string> accessiblePaths, string pipeName, HostCallbackHandler hostCallback)
{
if (string.IsNullOrEmpty(workPath))
{
throw new ArgumentException("Value cannot be null or empty.", nameof(workPath));
}
WorkPath = Path.GetFullPath(workPath);
Id = id;
Name = name;
var permissions = new PermissionSet(PermissionState.None);
permissions.AddPermission(new SecurityPermission(
SecurityPermissionFlag.Execution |
SecurityPermissionFlag.RemotingConfiguration
));
var setup = new AppDomainSetup
{
ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase,
};
var trustedAssemblies = new List <Assembly>
{
typeof(SandboxLoader).Assembly,
typeof(IModule).Assembly,
typeof(JToken).Assembly,
typeof(JsonRpcService).Assembly,
typeof(StreamRpcServerHandler).Assembly,
};
permissions.AddPermission(new FileIOPermission(
FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read,
trustedAssemblies.Select(a => a.Location).ToArray()));
if (accessiblePaths != null)
{
permissions.AddPermission(new FileIOPermission(
FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read,
accessiblePaths.ToArray()));
}
permissions.AddPermission(
new FileIOPermission(FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read,
WorkPath));
// Set up AppDomain
#if FULL_TRUSTED_SANDBOX
_AppDomain = AppDomain.CreateDomain("Sandbox: " + name, null, setup);
#else
_AppDomain = AppDomain.CreateDomain("Sandbox: " + name, null, setup, permissions,
trustedAssemblies.Select(a => a.Evidence.GetHostEvidence <StrongName>()).ToArray());
#endif
// Create loader proxy
// We will pass the proxy of SandboxAmbient into loader.
Loader = (SandboxLoader)Activator.CreateInstanceFrom(_AppDomain,
typeof(SandboxLoader).Assembly.Location,
typeof(SandboxLoader).FullName, false,
BindingFlags.CreateInstance | BindingFlags.Instance | BindingFlags.NonPublic,
null, new object[] { Id, pipeName, hostCallback }, null, null).Unwrap();
var lifeTime = (ILease)Loader.InitializeLifetimeService();
loaderSponsor = new Sponsor();
lifeTime.Register(loaderSponsor);
}
