static void Main(string[] args) { Console.OutputEncoding = Encoding.UTF8; string pathToUntrusted = args[0].Replace("|_|", " "); string untrustedAssembly = args[1]; string entryPointString = args[2]; string[] parts = entryPointString.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries); string name_space = parts[0]; string class_name = parts[1]; string method_name = parts[2]; //Setting the AppDomainSetup. It is very important to set the ApplicationBase to a folder //other than the one in which the sandboxer resides. AppDomainSetup adSetup = new AppDomainSetup(); adSetup.ApplicationBase = Path.GetFullPath(pathToUntrusted); //Setting the permissions for the AppDomain. We give the permission to execute and to //read/discover the location where the untrusted code is loaded. PermissionSet permSet = new PermissionSet(PermissionState.None); permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); //We want the sandboxer assembly's strong name, so that we can add it to the full trust list. //StrongName fullTrustAssembly = typeof(Sandboxer).Assembly.Evidence.GetHostEvidence<StrongName>(); //Now we have everything we need to create the AppDomain, so let's create it. AppDomain newDomain = AppDomain.CreateDomain("Sandbox", null, adSetup, permSet, /*fullTrustAssembly*/null); //Use CreateInstanceFrom to load an instance of the Sandboxer class into the //new AppDomain. ObjectHandle handle = Activator.CreateInstanceFrom( newDomain, typeof(Sandboxer).Assembly.ManifestModule.FullyQualifiedName, typeof(Sandboxer).FullName ); //Unwrap the new domain instance into a reference in this domain and use it to execute the //untrusted code. Sandboxer newDomainInstance = (Sandboxer)handle.Unwrap(); Job job = new Job(newDomainInstance, untrustedAssembly, name_space, class_name, method_name, parameters); Thread thread = new Thread(new ThreadStart(job.DoJob)); thread.Start(); thread.Join(10000); if (thread.ThreadState != ThreadState.Stopped) { thread.Abort(); Console.Error.WriteLine("Job taking too long. Aborted."); } AppDomain.Unload(newDomain); }
static void Main(string[] args) { Console.OutputEncoding = Encoding.UTF8; Console.InputEncoding = Encoding.UTF8; string pathToUntrusted = args[0].Replace("|_|", " "); string untrustedAssembly = args[1]; string entryPointString = args[2]; string[] parts = entryPointString.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries); string name_space = parts[0]; string class_name = parts[1]; string method_name = parts[2]; //Setting the AppDomainSetup. It is very important to set the ApplicationBase to a folder //other than the one in which the sandboxer resides. AppDomainSetup adSetup = new AppDomainSetup(); adSetup.ApplicationBase = Path.GetFullPath(pathToUntrusted); //Setting the permissions for the AppDomain. We give the permission to execute and to //read/discover the location where the untrusted code is loaded. PermissionSet permSet = new PermissionSet(PermissionState.None); permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); permSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted)); permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.ControlThread)); permSet.AddPermission(new NetworkInformationPermission(PermissionState.Unrestricted)); permSet.AddPermission(new WebPermission(PermissionState.Unrestricted)); //if (untrustedAssembly.StartsWith("fsharp_")) //{ // //for F# printf to work // var fileio = new FileIOPermission(PermissionState.None); // fileio.AllLocalFiles = FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery; // permSet.AddPermission(fileio); //} //We want the sandboxer assembly's strong name, so that we can add it to the full trust list. //StrongName fullTrustAssembly = typeof(Sandboxer).Assembly.Evidence.GetHostEvidence<StrongName>(); var a1 = typeof(System.ComponentModel.DataAnnotations.DisplayAttribute).Assembly.GetName(); var a2 = typeof(System.ComponentModel.Composition.ImportAttribute).Assembly.GetName(); var a3 = typeof(System.Web.HttpRequest).Assembly.GetName(); var a4 = typeof(System.Net.Http.HttpClient).Assembly.GetName(); var a5 = typeof(System.Drawing.Image).Assembly.GetName(); var a6 = typeof(Newtonsoft.Json.JsonSerializer).Assembly.GetName(); adSetup.PartialTrustVisibleAssemblies = new string[] { string.Format("{0}, PublicKey={1}", a1.Name, ByteArrayToString(a1.GetPublicKey()).ToUpper()), string.Format("{0}, PublicKey={1}", a2.Name, ByteArrayToString(a2.GetPublicKey()).ToUpper()), string.Format("{0}, PublicKey={1}", a3.Name, ByteArrayToString(a3.GetPublicKey()).ToUpper()), string.Format("{0}, PublicKey={1}", a4.Name, ByteArrayToString(a4.GetPublicKey()).ToUpper()), string.Format("{0}, PublicKey={1}", a5.Name, ByteArrayToString(a5.GetPublicKey()).ToUpper()), string.Format("{0}, PublicKey={1}", a6.Name, ByteArrayToString(a6.GetPublicKey()).ToUpper()), }; //Now we have everything we need to create the AppDomain, so let's create it. AppDomain newDomain = AppDomain.CreateDomain("Sandbox", null, adSetup, permSet, /*fullTrustAssembly*/null); //Use CreateInstanceFrom to load an instance of the Sandboxer class into the //new AppDomain. ObjectHandle handle = Activator.CreateInstanceFrom( newDomain, typeof(Sandboxer).Assembly.ManifestModule.FullyQualifiedName, typeof(Sandboxer).FullName ); //Unwrap the new domain instance into a reference in this domain and use it to execute the //untrusted code. Sandboxer newDomainInstance = (Sandboxer)handle.Unwrap(); Job job = new Job(newDomainInstance, untrustedAssembly, name_space, class_name, method_name, parameters); Thread thread = new Thread(new ThreadStart(job.DoJob)); thread.Start(); thread.Join(10000); if (thread.ThreadState != ThreadState.Stopped) { thread.Abort(); Console.Error.WriteLine("Job taking too long. Aborted."); } AppDomain.Unload(newDomain); }