c# - Running a .Net application in a sandbox -

-

over months, i've developed personal tool i'm using compile c# 3.5 xaml projects online. basically, i'm compiling codedom compiler. i'm thinking making public, problem is -very-very- easy on server tool.

the reason want protect server because there's 'run' button test , debug app (in screenshot mode).

is possible run app in sandbox - in other words, limiting memory access, hard drive access , bios access - without having run in vm? or should analyze every code, or 'disable' run mode?

spin appdomain, load assemblies in it, interface control, activate implementing type, call method. don't let instances cross appdomain barrier (including exceptions!) don't 100% control.

controlling security policies external-code appdomain bit single answer, can check link on msdn or search "code access security msdn" details how secure domain.

edit: there exceptions cannot stop, important watch them , record in manner assemblies caused exception not load them again.

also, better inject second appdomain type use loading , execution. way ensured no type (that won't bring down entire application) cross appdomain boundary. i've found useful define type extends marshalbyrefobject call methods on executes insecure code in second appdomain. should never return unsealed type isn't marked serializable across boundary, either method parameter or return type. long can accomplish 90% of way there.


Comments

Post a Comment

Popular posts from this blog

How has firefox/gecko HTML+CSS rendering changed in version 38? -

-
i have a little website header no longer renders correctly, since updating firefox 38.0.5 [the faceplant logo missing top right, , main logo no longer centred]. still renders expected in other browsers. how has engine's rendering changed in update? according mdn , list of changes is: css support ruby-position , ruby-align have been added , available default ( bug 1055676 , bug 1123917 , bug 1039006 ). the :unresolved pseudo-class has been implemented custom elements ( bug 1111633 ). the predefined style ethiopic-numeric uses space, instead of dot, suffix match recent change spec ( bug 1120721 ). css transitions on generated content (with ::before , ::after ) on both inline , block splits them start expected specification ( bug 1110277 ). the implementation of css logical properties made big progress. [...] how css transitions start has been modified match recent change of specifications, aiming @ having interoperable behavio
Read more

javascript - Complex json ng-repeat -

-
i try ng-repeat on object, tried several times still stuck. if have idea, , if it's possible share tips kind of situation. [ { "abonnement": { "id": "1", "nom": "bas prix", "tarif": "2.49", "communication": "2h de communication", "vers": "vers fixes et mobiles", "zone": "zone nationale" } }, { "abonnement": { "id": "2", "nom": "national", "tarif": "9.99", "communication": "t\u00e9l\u00e9phonie et sms illimit\u00e9s", "vers": "vers fixes et mobiles", "zone": "zone nationale" } }, { "abonnement": { "id": "3", "nom": "euro", "tarif&
Read more

jquery - Cloning of rows and columns from the old table into the new with colSpan and rowSpan -

-
i using clone jquery. necessary clone gray area in new table. problem cloned rows , columns can has rowspan , colspan. the gray area intersection data-fix-cols , data-fix-rows. my solution not work: <table id="old-table" data-fix-cols='3' data-fix-rows='4'> <tbody> <tr> <td class="gray">clone me</td> <td colspan="2" rowspan="2" class="gray">clone me</td> <td>ashgabat</td> <td>barcelona</td> <td>berlin</td> </tr> <tr> <td rowspan="3" class="gray">clone me</td> <td>bucharest</td> <td>warsaw</td> <td>washington</td> </tr> <tr> <td class="gray">clone me</td>
Read more