好吧,我有一个应用程序,我想添加对其他人编写应用程序将加载的模块的支持。
模块将是一个扩展我的 Module 类的类,用 .Net 编写。我需要知道如何在沙盒环境中加载这些 DLL,只允许它们在特定目录中读/写。
这可能吗?
最佳答案
是的,这是可能的。使用代码访问安全和 .NET 沙箱。我建议你看看 CSScript库(开源)。这是一个提供 C# 脚本和动态编译成动态程序集的库。我在一个项目中使用它来允许最终用户编写 C# 脚本并执行它们,从而允许与我系统中的类进行交互。该项目要求他们不能访问文件 IO 或 MessageBox (UI),因为用户脚本要在服务器上执行。 CSSCript 使用 .NET 框架的元素来限制程序集可以访问的内容,如果调用这些禁止类型中的任何一个,您将得到一个异常。
所以,看看那个。一旦我找到关于如何它可能的更多细节,我将编辑我的答案,只是让你知道它是可能的!
好的,找到了。这是几年前我与 CSScript 作者的讨论:
我:
I am developing an application and wish to expose the ability for users to script certain actions through the UI. CSScript looks very good for this. However I also wish to allow users to do this and execute their scripts on a web server. Now this is a security nightmare as users could write "Directory.Delete(@"C:\", true)" and wipe the hard drive. So would it be possible to restrict the assemblies, namespaces or even classes that a user can access from their script, to sort of run the CSScript in a secure sandbox?
奥列格:
The immediate attractive solution is to use .NET Sandbox. It is designed exactly for this sort of scenarios.The CLR standard sandboxing is available for the host application running scripts with CS-Script. The idea is that you initialise CAS before loading the suspicious script and the rest is a CLR responsibility. And if you need to configure directories/files permissions you do it with CAS tools. This way scripting is a "transportation" for the routine provided by your user. And CS-Script is a convenient mechanism for implementing such transport but the actual security concerns are addressed by .NET Sendoxing, which has comprehensive set of functionality to cover practically all possible security scenarios. With CS-script downloadables you can find the Sendboxing sample (\Samples\Sandboxing) which demonstrates how to prevent script from file I/O operations (e.g. create file).
因此,据此我认为您需要查看 .NET Sandbox 并将程序集加载到其中。我知道此示例特定于 C# 脚本,但我相信它适用于您的场景,因为上面的 CSScript 示例将向您展示实现沙盒和安全性的方法。
可以在此处找到有关如何将程序集加载到沙箱中的一些具体示例:
- Loading .NET Assemblies in a Sandbox
- Code Access Security in practice
- How to use CAS to constrain an assembly
当我们讨论模块加载时,您听说过Microsoft Prism吗? ?这为模块加载和依赖注入(inject)(通过 Unity 或 MEF )提供了一个很好的框架,这在开发插件架构时可能非常有用。
最好的问候,
关于C# 加载沙盒程序集,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/8691363/