[Ironpython-users] Importing modules in a restricted AppDomain
Dino Viehland
dinov at microsoft.com
Wed Mar 7 20:47:00 CET 2012
After adding the reflection permissions I wonder what the exception is. Instead of doing Engine.Execute(string, ScriptScope) can you instead call ExecuteAndWrap(string, ScriptScope, out ObjectHandle)? In general when you're working with the remote domain you'll want to use the *Wrap versions to avoid serializing results back into the local domain (which can fail).
I'm not sure if we're trying to serialize an exception object here or the result of your execution, but either way one of those is failing. You should be able to check and see if the handles are null, and can also pass them back into the remote domain for formatting (using either ObjectOperations.Format or ExceptionOperations.FormatException) and just get a string back.
From: Cesar Mello [mailto:cmello at gmail.com]
Sent: Wednesday, March 07, 2012 11:38 AM
To: Dino Viehland
Cc: ironpython-users at python.org
Subject: Re: [Ironpython-users] Importing modules in a restricted AppDomain
Thanks a lot for the help guys. I'm trying to walk on my own, but just for a quick feedback I've used the code suggested and now when I run "import decimal" I get a MethodAccessException. I presumed it was safe to add all the Reflection permissions and then I get an unhandled ArgumentNullException (second stack trace). There is a bunch of internal SecurityExceptions that are handled in the meantime though. I'll try to debug this using the Console in a restricted AppDomain, so please don't bother to answer me if I am doing some silly mistake.
Thanks and best regards!
Mello
Stack trace 1 (MethodAccessException)
Attempt by method 'Microsoft.Scripting.Utils.ReflectionUtils.CreateDelegate(System.Reflection.MethodInfo, System.Type, System.Object)' to access method 'IronPython.Compiler.Ast.UncollectableCompilationMode.NextSite<System.Func`4<System.Runtime.CompilerServices.CallSite,System.Object,IronPython.Runtime.CodeContext,System.Object>>(System.Dynamic.DynamicMetaObjectBinder)' failed.
at System.Delegate.BindToMethodInfo(Object target, IRuntimeMethodInfo method, RuntimeType methodType, DelegateBindingFlags flags)
at System.Delegate.CreateDelegate(Type type, Object firstArgument, MethodInfo method, Boolean throwOnBindFailure)
at Microsoft.Scripting.Utils.ReflectionUtils.CreateDelegate(MethodInfo methodInfo, Type delegateType, Object target)
at Microsoft.Scripting.Utils.ReflectionUtils.CreateDelegate(MethodInfo methodInfo, Type delegateType)
at IronPython.Compiler.Ast.UncollectableCompilationMode.DelegateCache.MakeDelegateType(Type retType, Expression[] args)
at IronPython.Compiler.Ast.UncollectableCompilationMode.ReduceDynamic(DynamicMetaObjectBinder binder, Type retType, Expression arg0, Expression arg1)
at IronPython.Compiler.Ast.DynamicGetMemberExpression.Reduce()
at System.Linq.Expressions.Expression.ReduceAndCheck()
at System.Linq.Expressions.Expression.VisitChildren(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.VisitExtension(Expression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.VisitExtension(Expression node)
at System.Linq.Expressions.Expression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.Expression.VisitChildren(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.VisitExtension(Expression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.VisitExtension(Expression node)
at System.Linq.Expressions.Expression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.ExpressionVisitor.VisitBlock(BlockExpression node)
at System.Linq.Expressions.BlockExpression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.ExpressionVisitor.VisitBlock(BlockExpression node)
at System.Linq.Expressions.BlockExpression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.Expression.VisitChildren(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.VisitExtension(Expression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.VisitExtension(Expression node)
at System.Linq.Expressions.Expression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.ExpressionVisitor.VisitBlock(BlockExpression node)
at System.Linq.Expressions.BlockExpression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.Expression.VisitChildren(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.VisitExtension(Expression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.VisitExtension(Expression node)
at System.Linq.Expressions.Expression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at System.Linq.Expressions.ExpressionVisitor.VisitBlock(BlockExpression node)
at System.Linq.Expressions.BlockExpression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.RewriteTryBody(TryExpression node, LabelTarget ehLabel)
at Microsoft.Scripting.Ast.LightExceptionRewriter.RewriteTryCatch(TryExpression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.VisitTry(TryExpression node)
at System.Linq.Expressions.TryExpression.Accept(ExpressionVisitor visitor)
at System.Linq.Expressions.ExpressionVisitor.Visit(Expression node)
at Microsoft.Scripting.Ast.LightExceptionRewriter.Rewrite(Expression expr)
at Microsoft.Scripting.Ast.LightExceptionConvertingExpression.Reduce()
at Microsoft.Scripting.Interpreter.LightCompiler.CompileExtensionExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileMethodCallExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileExtensionExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockStart(BlockExpression node)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockStart(BlockExpression node)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileExtensionExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockStart(BlockExpression node)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileExtensionExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileTryExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileTryExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileAsVoid(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockStart(BlockExpression node)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileBlockExpression(Expression expr, Boolean asVoid)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileLabelExpression(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileNoLabelPush(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.Compile(Expression expr)
at Microsoft.Scripting.Interpreter.LightCompiler.CompileTop(LightLambdaExpression node)
at Microsoft.Scripting.Ast.LightExpression`1.Compile(Int32 compilationThreshold)
at IronPython.Compiler.RuntimeScriptCode.Compile()
at IronPython.Compiler.RuntimeScriptCode.EnsureCompiled()
at IronPython.Compiler.RuntimeScriptCode.InvokeTarget(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.Run(Scope scope)
at IronPython.Runtime.PythonContext.InitializeModule(String fileName, ModuleContext moduleContext, ScriptCode scriptCode, ModuleOptions options)
at IronPython.Runtime.PythonContext.CompileModule(String fileName, String moduleName, SourceUnit sourceCode, ModuleOptions options, ScriptCode& scriptCode)
at IronPython.Runtime.PythonContext.CompileModule(String fileName, String moduleName, SourceUnit sourceCode, ModuleOptions options)
at IronPython.Runtime.Importer.LoadFromSourceUnit(CodeContext context, SourceUnit sourceCode, String name, String path)
at IronPython.Runtime.Importer.LoadModuleFromSource(CodeContext context, String name, String path)
at IronPython.Runtime.Importer.LoadFromDisk(CodeContext context, String name, String fullName, String str)
at IronPython.Runtime.Importer.ImportFromPathHook(CodeContext context, String name, String fullName, List path, Func`5 defaultLoader)
at IronPython.Runtime.Importer.ImportFromPath(CodeContext context, String name, String fullName, List path)
at IronPython.Runtime.Importer.ImportTopAbsolute(CodeContext context, String name)
at IronPython.Runtime.Importer.ImportModule(CodeContext context, Object globals, String modName, Boolean bottom, Int32 level)
at IronPython.Modules.Builtin.__import__(CodeContext context, String name, Object globals, Object locals, Object fromlist, Int32 level)
at System.Func`7.Invoke(T1 arg1, T2 arg2, T3 arg3, T4 arg4, T5 arg5, T6 arg6)
at Microsoft.Scripting.Interpreter.FuncCallInstruction`7.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.Interpreter.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.LightLambda.Run7[T0,T1,T2,T3,T4,T5,T6,TRet](T0 arg0, T1 arg1, T2 arg2, T3 arg3, T4 arg4, T5 arg5, T6 arg6)
at IronPython.Runtime.Importer.ImportLightThrow(CodeContext context, String fullName, PythonTuple from, Int32 level)
at IronPython.Runtime.Operations.PythonOps.ImportTop(CodeContext context, String fullName, Int32 level)
at System.Func`4.Invoke(T1 arg1, T2 arg2, T3 arg3)
at Microsoft.Scripting.Interpreter.FuncCallInstruction`4.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.Interpreter.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.LightLambda.Run2[T0,T1,TRet](T0 arg0, T1 arg1)
at IronPython.Compiler.PythonScriptCode.RunWorker(CodeContext ctx)
at IronPython.Compiler.PythonScriptCode.Run(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.InvokeTarget(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.Run(Scope scope)
at Microsoft.Scripting.SourceUnit.Execute(Scope scope, ErrorSink errorSink)
at Microsoft.Scripting.SourceUnit.Execute(Scope scope)
at Microsoft.Scripting.Hosting.ScriptSource.Execute(ScriptScope scope)
at Microsoft.Scripting.Hosting.ScriptEngine.Execute(String expression, ScriptScope scope)
at Microsoft.Scripting.Hosting.ScriptEngine.Execute(String expression, ScriptScope scope)
at Elipse.Epm.Scripting.ExpressionEvaluator.ImportStandardModules(ScriptScope scope) in D:\proj\epm_5527\Source\EpmCommon\Elipse.Epm.Scripting\ExpressionEvaluator.cs:line 174
at Elipse.Epm.Scripting.ExpressionEvaluator.AddExpression(Expression expression, Object clientHandle) in D:\proj\epm_5527\Source\EpmCommon\Elipse.Epm.Scripting\ExpressionEvaluator.cs:line 82
--------------------------------------------------
After adding Reflection permissions;
at System.Reflection.RuntimeMethodInfo.MakeGenericMethod(Type[] methodInstantiation)
at System.Reflection.MemberInfoSerializationHolder.GetRealObject(StreamingContext context)
at Microsoft.Scripting.Hosting.ScriptEngine.Execute(String expression, ScriptScope scope)
at Elipse.Epm.Scripting.ExpressionEvaluator.ImportStandardModules(ScriptScope scope) in D:\proj\epm_5527\Source\EpmCommon\Elipse.Epm.Scripting\ExpressionEvaluator.cs:line 174
at Elipse.Epm.Scripting.ExpressionEvaluator.AddExpression(Expression expression, Object clientHandle) in D:\proj\epm_5527\Source\EpmCommon\Elipse.Epm.Scripting\ExpressionEvaluator.cs:line 82
On Wed, Mar 7, 2012 at 2:34 PM, Dino Viehland <dinov at microsoft.com<mailto:dinov at microsoft.com>> wrote:
Nope, ideally IronPython's assemblies are not trusted. In general IronPython's assemblies are "security transparent" which means they don't affect any security decisions made by the CLR. If you gave them full trust then the user could do something like file('C:\\bad_file.txt', 'w+'). The security transparency means that IronPython can contain a bunch of code for accessing files and stuff but that code doesn't need to be audited for security because we don't have any permissions of our own.
You might want to try doing something like:
AppDomainSetup info = new AppDomainSetup();
info.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory;
info.ApplicationName = "Test";
Evidence evidence = new Evidence();
evidence.AddHost(new Zone(SecurityZone.Internet));
System.Security.PermissionSet permSet = SecurityManager.GetStandardSandbox(evidence);
AppDomain newDomain = AppDomain.CreateDomain("test", evidence, info, permSet, null);
// create runtime in partial trust...
ScriptRuntime runtime = Python.CreateRuntime(newDomain);
Which will run the code in the internet zone which should be a safe set of permissions - you might need to add in your path access to this, but we use this setup in a test case so it definitely works.
From: ironpython-users-bounces+dinov=microsoft.com at python.org<mailto:microsoft.com at python.org> [mailto:ironpython-users-bounces+dinov<mailto:ironpython-users-bounces%2Bdinov>=microsoft.com at python.org<mailto:microsoft.com at python.org>] On Behalf Of Cesar Mello
Sent: Wednesday, March 07, 2012 5:17 AM
To: ironpython-users at python.org<mailto:ironpython-users at python.org>
Subject: Re: [Ironpython-users] Importing modules in a restricted AppDomain
Hi,
Must I grant fulltrust permissions to the IronPython assemblies? Sorry for the basic question, but will the scripts still be restricted in this case?
Thank you a lot. This is a bit urgent for me, because it's the last step before I can finish the prototype with IronPython and let it be accepted for embedding in our product.
Best regards!
Mello
On Mon, Mar 5, 2012 at 4:26 PM, Cesar Mello <cmello at gmail.com<mailto:cmello at gmail.com>> wrote:
Please ignore my previous question. Sucessfully added FileIOPermission with PathDiscovery and it worked:
var pythonLibsPath = ExpressionEvaluator.GetPythonLibsPath();
permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read, pythonLibsPath));
Now I'm facing some problem with Emit permissions. Added ReflectionPermission(PermissionState.Unrestricted) but still doesn't work.
I'm using .NET 4 in this project at work. Sorry if the subject is too general and off-topic.
Best regards
Mello
Message: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Reflection.Emit.AssemblyBuilder.DefineDynamicModuleInternalNoLock(String name, Boolean emitSymbolInfo, StackCrawlMark& stackMark)
at System.Reflection.Emit.AssemblyBuilder.DefineDynamicModuleInternal(String name, Boolean emitSymbolInfo, StackCrawlMark& stackMark)
at System.Reflection.Emit.AssemblyBuilder.DefineDynamicModule(String name, Boolean emitSymbolInfo)
at Microsoft.Scripting.Generation.AssemblyGen..ctor(AssemblyName name, String outDir, String outFileExtension, Boolean isDebuggable, PortableExecutableKinds peKind, ImageFileMachine machine)
at Microsoft.Scripting.Generation.AssemblyGen..ctor(AssemblyName name, String outDir, String outFileExtension, Boolean isDebuggable)
at Microsoft.Scripting.Generation.Snippets.CreateNewAssembly(String nameSuffix, Boolean emitSymbols)
at Microsoft.Scripting.Generation.Snippets.GetOrCreateAssembly(Boolean emitSymbols, AssemblyGen& assembly)
at Microsoft.Scripting.Generation.Snippets.GetAssembly(Boolean emitSymbols)
at Microsoft.Scripting.Generation.Snippets.DefineType(String name, Type parent, Boolean preserveName, Boolean emitDebugSymbols)
at Microsoft.Scripting.Generation.CompilerHelpers.CompileToMethod(LambdaExpression lambda, DebugInfoGenerator debugInfoGenerator, Boolean emitDebugSymbols)
at Microsoft.Scripting.Generation.CompilerHelpers.CompileToMethod[T](Expression`1 lambda, DebugInfoGenerator debugInfoGenerator, Boolean emitDebugSymbols)
at Microsoft.Scripting.Generation.CompilerHelpers.Compile[T](Expression`1 lambda, Boolean emitDebugSymbols)
at IronPython.Compiler.RuntimeScriptCode.Compile()
at IronPython.Compiler.RuntimeScriptCode.EnsureCompiled()
at IronPython.Compiler.RuntimeScriptCode.InvokeTarget(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.Run(Scope scope)
at IronPython.Runtime.PythonContext.InitializeModule(String fileName, ModuleContext moduleContext, ScriptCode scriptCode, ModuleOptions options)
at IronPython.Runtime.PythonContext.CompileModule(String fileName, String moduleName, SourceUnit sourceCode, ModuleOptions options, ScriptCode& scriptCode)
at IronPython.Runtime.PythonContext.CompileModule(String fileName, String moduleName, SourceUnit sourceCode, ModuleOptions options)
at IronPython.Runtime.Importer.LoadFromSourceUnit(CodeContext context, SourceUnit sourceCode, String name, String path)
at IronPython.Runtime.Importer.LoadModuleFromSource(CodeContext context, String name, String path)
at IronPython.Runtime.Importer.LoadFromDisk(CodeContext context, String name, String fullName, String str)
at IronPython.Runtime.Importer.ImportFromPathHook(CodeContext context, String name, String fullName, List path, Func`5 defaultLoader)
at IronPython.Runtime.Importer.ImportFromPath(CodeContext context, String name, String fullName, List path)
at IronPython.Runtime.Importer.ImportTopAbsolute(CodeContext context, String name)
at IronPython.Runtime.Importer.ImportModule(CodeContext context, Object globals, String modName, Boolean bottom, Int32 level)
at IronPython.Modules.Builtin.__import__(CodeContext context, String name, Object globals, Object locals, Object fromlist, Int32 level)
at Microsoft.Scripting.Interpreter.FuncCallInstruction`7.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.Interpreter.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.LightLambda.Run7[T0,T1,T2,T3,T4,T5,T6,TRet](T0 arg0, T1 arg1, T2 arg2, T3 arg3, T4 arg4, T5 arg5, T6 arg6)
at IronPython.Runtime.Importer.ImportLightThrow(CodeContext context, String fullName, PythonTuple from, Int32 level)
at IronPython.Runtime.Operations.PythonOps.ImportTop(CodeContext context, String fullName, Int32 level)
at Microsoft.Scripting.Interpreter.FuncCallInstruction`4.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.Interpreter.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.LightLambda.Run2[T0,T1,TRet](T0 arg0, T1 arg1)
at IronPython.Compiler.PythonScriptCode.RunWorker(CodeContext ctx)
at IronPython.Compiler.PythonScriptCode.Run(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.InvokeTarget(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.Run(Scope scope)
at Microsoft.Scripting.SourceUnit.Execute(Scope scope, ErrorSink errorSink)
at Microsoft.Scripting.SourceUnit.Execute(Scope scope)
at Microsoft.Scripting.Hosting.ScriptSource.Execute(ScriptScope scope)
at Microsoft.Scripting.Hosting.ScriptEngine.Execute(String expression, ScriptScope scope)
at Microsoft.Scripting.Hosting.ScriptEngine.Execute(String expression, ScriptScope scope)
at Elipse.Epm.Scripting.ExpressionEvaluator.ImportStandardModules(ScriptScope scope) in D:\proj\epm_5527\Source\EpmCommon\Elipse.Epm.Scripting\ExpressionEvaluator.cs:line 174
at Elipse.Epm.Scripting.ExpressionEvaluator.AddExpression(Expression expression, Object clientHandle) in D:\proj\epm_5527\Source\EpmCommon\Elipse.Epm.Scripting\ExpressionEvaluator.cs:line 82
On Mon, Mar 5, 2012 at 3:18 PM, Cesar Mello <cmello at gmail.com<mailto:cmello at gmail.com>> wrote:
Hi!
Is there a way to load modules without giving permission to the AppDomain to read .py files from disk?
I need to run user code with limited permissions. They should be able to do some simple calculations. But when I try to import a module like 'decimal', filesystem access permission is required.
Thank you a lot for the attention!
Best regards
Mello
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ironpython-users/attachments/20120307/c98fbcf2/attachment-0001.html>
More information about the Ironpython-users
mailing list