C # unchecked code without unmanaged permission

I have a .net assembly with a method that cannot be verified.

I am trying to load this assembly in the sandbox appdomain.

If I load with a pass check, but not with an unmanaged one, I get a validation exception. For instance:

new SecurityPermission(SecurityPermissionFlag.Execution | SecurityPermissionFlag.SkipVerification); 

If I download an unmanaged permission, it works, but then the application domain will not have enough sandboxing.

 new SecurityPermission(SecurityPermissionFlag.Execution | SecurityPermissionFlag.SkipVerification | SecurityPermissionFlag.UnmanagedCode); 

In addition, I am running .Net 4, and to do this higher, I had to switch to level 1 of transparency, for example:

 [assembly:SecurityRules(SecurityRuleSet.Level1)] 

So my question is:

  • Is there a way to run unverified code without UnamangedCode permission.
  • Is there a way to do the work described above with a set of Level2 security rules.

Thanks!

+6
source share
1 answer

Is there a way to run unverified code without UnamangedCode permission.

Even if that were the case, you would have given up any security at this point. Unchecked code has the same power as unmanaged code. This allows you, for example, to break up a type system.

It makes no sense to use SkipVerification rather than UnmanagedCode (or vice versa). These are two equivalents, and I believe that this is a mistake within the framework that exists.

+1
source

Source: https://habr.com/ru/post/917535/


All Articles