TechQA.

Make .NET Delegates (for filtering and ordering) 'trustable'

70 views Asked by At

What would be the best way of making Delegates used in Linq Where and OrderBy methods 'trustable'?

For instance, if my code was being passed these types Func<T,Boolean> and Func<T>, what would be the best option to check that these will only operate on the object passed to them, and not, for instance, do nasty things such as access the filesystem, etc?

I suppose one way would be to startup have a partially-trusted AppDomain, and the delegates run in that, but I wonder if there is any other option?

Thanks

.net delegates trust
Original Q&A
1

There are 1 answers

6
Marc Gravell On

One option would be use Expression<Func<...>> instead of Func<...>, then you simply walk the tree (from x => x.Foo etc) and validate what objects and methods are used - but you would have to limit to your objects, as obviously even .Foo could be malign. The advantage here is that to the caller it looks and feels the same as passing a delegate as a lambda.

An easier way may be for them to pass you a string (name) or enum that you use for the sort / filter / etc.

Related Questions in .NET

Related Questions in DELEGATES

Related Questions in TRUST

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions