I was afraid of that. So, if I am reading your response correctly...<br><br>I can from my Apps AppDomain ( Primary ) create a second AppDomain ( Secondary ) which has limited permissions, specifically for me loading assemblies. I can then use the DLR in the Secondary AppDomain and use the DLR API to load the Assemblies I want.<br>
<br>That about sum it up. I know that there may be ways around it, I'm just trying to be secure enough at this point.<br><br>Thanks,<br><br>Michael<br><br><div class="gmail_quote">On Thu, Mar 27, 2008 at 8:50 PM, Dino Viehland <<a href="mailto:dinov@exchange.microsoft.com">dinov@exchange.microsoft.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div link="blue" vlink="purple" lang="EN-US">
<div>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);">There's no way to currently do this from the DLR and I suspect
it's beyond the scope of both the DLR and IronPython. What you might be able
to do is create an AppDomain with limited permissions and therefore prevent the
loading of assemblies at the lower level. Once you've done that the DLR
hosting APIs have support for loading them in a remote app domain.</span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);"> </span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);">The reason why we wouldn't do this directly is it's very hard to
prevent access. Once you can do import clr you can do:</span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);"> </span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);">clr.GetClrType(str).Assembly.System.Reflection.Assembly.Load(…)</span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);"> </span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);">and there's likely other ways to get around any walls we could
put up (e.g. 'abc'.GetType().Assembly… not to mention any othe APIs that could
return types).</span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);"> </span></p>
<p><span style="font-size: 11pt; color: rgb(31, 73, 125);"> </span></p>
<div style="border-style: solid none none; border-color: rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color; border-width: 1pt medium medium; padding: 3pt 0in 0in;">
<p><b><span style="font-size: 10pt;">From:</span></b><span style="font-size: 10pt;"> <a href="mailto:users-bounces@lists.ironpython.com" target="_blank">users-bounces@lists.ironpython.com</a>
[mailto:<a href="mailto:users-bounces@lists.ironpython.com" target="_blank">users-bounces@lists.ironpython.com</a>] <b>On Behalf Of </b>Michael
Cummings<br>
<b>Sent:</b> Thursday, March 27, 2008 12:01 PM<br>
<b>To:</b> Discussion of IronPython<br>
<b>Subject:</b> [IronPython] DLR Hosting Question</span></p>
</div><div><div></div><div class="Wj3C7c">
<p> </p>
<p>Hi all,<br>
I'm putting together a seminar at our local Code Camp for hosting the
DLR and integration with applications. The hosting spec pdf is great however I
do have (at least) one question that isn't explained very well in the doc. How
can I restrict what assemblies can be loaded by a ScriptScope? To explain
further: If I use the following code to load a py script file<br>
<br>
ScriptRuntime env = ScriptRuntime.Create();<br>
ScriptEngine
eng = env.GetEngineByFileExtension( "py" );<br>
<br>
ScriptSource
source = eng.CreateScriptSourceFromString( form.Source, SourceCodeKind.File );<br>
<br>
source.Execute();<br>
<br>
Where form.Source is a string containing this :<br>
<br>
import sys<br>
<br>
import clr<br>
clr.AddReference("System.Windows.Forms")<br>
clr.AddReference("System")<br>
clr.AddReference("Microsoft.Xna.Framework")<br>
clr.AddReference("Microsoft.Xna.Framework.Graphics")<br>
clr.AddReference("Microsoft.Xna.Framework.Input")<br>
clr.AddReference("Bnoerj.AI.Steering.Demo.Plugins.Ctf")<br>
<br>
from Bnoerj.AI.Steering.Demo.Plugins.Ctf import CtfBase, Globals<br>
<br>
class CtfPythonSeeker(CtfBase):<br>
<br>
def __init__(self):<br>
Reset()<br>
<br>
def Reset(self):<br>
Globals.Instance.Seeker = self<br>
<br>
How can I prevent some references from being referenced, like
"Microsoft.Xna.Framework" but allow
"Bnoerj.AI.Steering.Demo.Plugins.Ctf"?<br>
<br>
Thanks in advance<br>
<br>
Michael</p>
</div></div></div>
</div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.ironpython.com">Users@lists.ironpython.com</a><br>
<a href="http://lists.ironpython.com/listinfo.cgi/users-ironpython.com" target="_blank">http://lists.ironpython.com/listinfo.cgi/users-ironpython.com</a><br>
<br></blockquote></div><br>