Does CS-Script provide a sandbox out of the box?

I am learning cs-script, and I wonder how safe it is, out of the box. I know that a script loads and unloads dynamically, but can this script leave its executing assembly? that is, can it use reflection to access and instantiate classes from other assemblies in the same process?

So my question is, does cscript have built-in protection by default or doesn't it bother?

+4
source share
2 answers

In short: No, the CS script does not provide any security features out of the box.

Answered here: fooobar.com/questions/904823 / ...

.NET Sandbox. . CLR -, CS- Script. , CAS script, - CLR. /, CAS . , - "" . CS- script , .NET Sendoxing, . CS- script Sendboxing (\ Samples\Sandboxing), , script / (, ).

.Net Security Credentials cs- script : http://www.csscript.net/Samples.html (sandbox.zip)

cs- script ( ), AppDomain script ( ). script -. . https://msdn.microsoft.com/en-us/library/bb763046%28v=vs.110%29.aspx

0

CS- Script http://www.csscript.net/, , , :

using MyOtherAssembly;

CS- Script , , using. , , , CS- Script :

//css_ref "..\MyOtherAssembly.dll"
using MyOtherAssembly;

//css_ref - , CS- Script , script. . CS- Script .

, , AppDomain script. , CS- Script , AppDomain, .

: http://www.csscript.net/help/using_.net_assemblies.html.

Edit1: , script - , . script - . " "; , .

+2

Source: https://habr.com/ru/post/1628169/


All Articles