Yes it is possible. Using security code access and .NET Sandbox. I would advise you to take a look at the CSScript library (open source). This is a library that provides C # scripts and on-the-fly compilation in dynamic assemblies. I used this in a project to allow end users to write C # scripts and execute them, allowing me to interact with classes on my system. The project required that they do not have access to File IO or MessageBox (UI), since user scripts were executed on the server. CSSCript used elements of the .NET environment to restrict access to the assembly, and you will get an exception if any of these forbidden types are called.
So take a look at that. I will edit my answer when I find out more information about how this is possible, just so that you know that it is possible!
Ok, found it. Here is a discussion I had with a CSScript author a few years ago:
I:
I am developing an application and want to show users the ability to script certain actions through the user interface. CSScript looks very good for this. However, I also want to allow users to do this and execute their scripts on a web server. Now this is a security nightmare, as users can write "Directory.Delete (@" C: \ ", true)" and destroy the hard drive. So, is it possible to limit the assemblies, namespaces, or even classes that a user can get from their script to sort CSScript startup in a safe sandbox?
Oleg:
An immediate attractive solution is to use .NET Sandbox. It is designed specifically for this kind of scenario. The standard sandbox for the CLR is available for the host application that runs scripts with CS-Script. The idea is that you initialize CAS before loading the suspicious script, and the rest is the responsibility of the CLR. And if you need to configure permissions on directories / files, you do this using CAS tools. Thus, a script is a "transport" for the procedure provided by your user. And CS-Script is a convenient mechanism for implementing such a transport, but the real security problems are addressed by .NET Sendoxing, which has a full set of functions to cover almost all possible security scenarios. With the CS-Script files you download, you can find a Sendboxing sample (\ Samples \ Sandboxing) that demonstrates how to prevent a script from file I / O (for example, creating a file) .
So from this, I believe that you need to look at .NET Sandbox and load the assemblies into it. I understand that this example is specific to C # Scripting, but I believe that it applies to your script since the above CSScript examples will show you a way to achieve sandboxing and security.
Some specific examples of loading assemblies into the sandbox can be found here:
While we are discussing module loading, have you heard of Microsoft Prism ? This provides a good basis for loading modules and injecting dependencies (via Unity or MEF ), which can be very useful when developing a plugin architecture.
Respectfully,