I'am trying to add plugin system to my application. I've created sandboxed appdomain with some limited permission set. The problem comes when code from sandboxed appdomain raises event which supposed to be handled in domain with trusted code. I've created a simple application to show a problem.
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;
namespace SandBoxTest
{
class Program
{
static void Main(string[] args)
{
var permissionSet = new PermissionSet(PermissionState.None);
permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.AllFlags));
permissionSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));
var setup = new AppDomainSetup
{
ApplicationBase = AppDomain.CurrentDomain.BaseDirectory
};
var sandBoxDomain = AppDomain.CreateDomain("Sandbox", null, setup, permissionSet);
var remoteObject = sandBoxDomain.CreateInstanceAndUnwrap(typeof (RemoteObject).Assembly.FullName, typeof (RemoteObject).FullName) as RemoteObject;
remoteObject.EventFromSandBox += HandlerInTrustedDomainOnEventFromSandBox;
remoteObject.RaiseEventFromSandBox();
Console.ReadKey();
}
private static void HandlerInTrustedDomainOnEventFromSandBox()
{
File.ReadAllText(@"C:\passwords.txt");
}
}
class RemoteObject : MarshalByRefObject
{
public event Action EventFromSandBox;
public void RaiseEventFromSandBox()
{
var handler = EventFromSandBox;
if (handler != null)
handler();
}
}
}
in this sample exception "Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed" is thrown.
What should I do to handle events from sandboxed domain without security check?