Assembly.CreateInstance and security

I'm toying around with the idea of using C#'s ability to compile code on-demand as the basis of a scripting language. I was wondering, how can I sandbox the scripts that I am executing so that they cannot access the file system, network, etc. Basically, I want restricted permissions on the script being run.

Steps that I take:

CompilerResults r = CSharpCodeProvider.CompileAssemblyFromSource(source);

Assembly a = r.CompiledAssembly;

IScript s = a.CreateInstance(...);

s.EntryPoint(...);

Answers


The recommended approach for this is to execute the suspect code in a sandboxed appdomain. Several reasons are given at http://blogs.msdn.com/b/shawnfa/archive/2006/04/19/579066.aspx, and an even more important one is that most of the other potential approaches are deprecated as of .NET 4.0.


Need Your Help

Linq to XML Queries

c# .net xml winforms linq

Let's just say I have an XML file that looks like this:

Extracting the td value from inner html when there is also a SPAN

javascript dom html-table

I can't seem to quite figure this out, I am attempting to extract the TD value, I suppose everything works just as good as it should, but since I have also span in between the TD's, its extracts

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.