[Ironpython-users] Problem with Restricted Permissions AppDomain, when using Compile() then ExecuteAndWrap()...
Jason A. Petrasko
jason at wishray.com
Sun Sep 8 23:19:33 CEST 2013
I had my code setup to call ExecuteAndWrap on the ScriptSource, which
worked ok, but if there were errors in the compilation stage I lost them
because of the cross domain exceptions bungling. So I changed my code
like so:
Source = Engine.CreateScriptSourceFromString (code,
Microsoft.Scripting.SourceCodeKind.File);
Reporter.Reset();
CompiledCode cc = Source.Compile (Reporter);
if (cc != null)
{
ObjectHandle ohe;
cc.ExecuteAndWrap (Scope, out ohe);
if (ohe != null) {
object o = ohe.Unwrap ();
if (o is Exception)
return ((Exception)o).ToString ();
}
return null;
} else
return Reporter.AllErrors();
However when I try to access my scope variable objects I get this exception:
----
System.Security.SecurityException: Request failed.
at
System.Security.CodeAccessSecurityEngine.ThrowSecurityException(RuntimeAssembly
asm, PermissionSet granted, PermissionSet refused,
RuntimeMethodHandleInternal rmh, SecurityAction action, Object demand,
IPermission permThatFailed)
at
System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Object
assemblyOrString, PermissionSet granted, PermissionSet refused,
RuntimeMethodHandleInternal rmh, SecurityAction action, Object demand,
IPermission permThatFailed)
at
System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet
grants, PermissionSet refused, PermissionSet demands,
RuntimeMethodHandleInternal rmh, Object assemblyOrString, SecurityAction
action, Boolean throwException)
at
System.Security.CodeAccessSecurityEngine.CheckSetHelper(CompressedStack
cs, PermissionSet grants, PermissionSet refused, PermissionSet demands,
RuntimeMethodHandleInternal rmh, RuntimeAssembly asm, SecurityAction action)
at
System.Runtime.CompilerServices.RuntimeHelpers._CompileMethod(IRuntimeMethodInfo
method)
at System.Reflection.Emit.DynamicMethod.CreateDelegate(Type
delegateType, Object target)
at System.Linq.Expressions.Compiler.LambdaCompiler.CreateDelegate()
ct state)
at
Microsoft.Scripting.Interpreter.LightDelegateCreator.CreateDelegate(StrongBox`1[]
closure)
at Microsoft.Scripting.Interpreter.LightDelegateCreator.CreateDelegate()
at Microsoft.Scripting.Generation.CompilerHelpers.LightCompile(Lamb
at
System.Linq.Expressions.Compiler.LambdaCompiler.Compile(LambdaExpression
lambda, DebugInfoGenerator debugInfoGenerator)
at System.Linq.Expressions.LambdaExpression.Compile()
at
Microsoft.Scripting.Interpreter.LightDelegateCreator.Compile(ObjeDynamicMetaObject
binding, CachedBindingInfo`1 bindingInfo)
at
Microsoft.Scripting.Utils.DynamicUtils.GenericInterpretedBinder`1.Bind(DynamicMetaObjectBinder
binder, Int32 compilationThreshold, Object[] args)
at Microsoft.Scripting.Utils.DynamicUtidaExpression lambda, Int32
compilationThreshold)
at
Microsoft.Scripting.Generation.CompilerHelpers.LightCompile[T](Expression`1
lambda, Int32 compilationThreshold)
at
Microsoft.Scripting.Utils.DynamicUtils.GenericInterpretedBinder`1.CreateDelegate(ls.LightBind[T](DynamicMetaObjectBinder
binder, Object[] args, Int32 compilationThreshold)
at
IronPython.Runtime.Types.BuiltinFunction.IronPython.Runtime.Binding.IFastInvokable.MakeInvokeBinding[T](CallSite`1
site, PythonInvokeBinder binder, CodeContext state, Object[] args)
at
IronPython.Runtime.Binding.PythonInvokeBinder.BindDelegate[T](CallSite`1
site, Object[] args)
at
System.Runtime.CompilerServices.CallSiteBinder.BindCore[T](CallSite`1
site, Object[] args)
at
System.Dynamic.UpdateDelegates.UpdateAndExecute3[T0,T1,T2,TRet](CallSite
site, T0 arg0, T1 arg1, T2 arg2)
at
Microsoft.Scripting.Interpreter.DynamicInstruction`4.Run(InterpretedFrame frame)
at Microsoft.Scripting.Interpreter.Interpreter.Run(InterpretedFrame
frame)
at Microsoft.Scripting.Interpreter.LightLambda.Run2[T0,T1,TRet](T0
arg0, T1 arg1)
at IronPython.Compiler.PythonScriptCode.RunWorker(CodeContext ctx)
at IronPython.Compiler.PythonScriptCode.Run(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.InvokeTarget(Scope scope)
at IronPython.Compiler.RuntimeScriptCode.Run(Scope scope)
at Microsoft.Scripting.Hosting.CompiledCode.Execute(ScriptScope scope)
at
Microsoft.Scripting.Hosting.CompiledCode.ExecuteAndWrap(ScriptScope
scope, ObjectHandle& exception)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.PermissionSet
The demand was for:
<PermissionSet class="System.Security.PermissionSet"
version="1"
Unrestricted="true"/>
The granted set of the failing assembly was:
<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.ReflectionPermission,
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=<snip>"
version="1"
Unrestricted="true"/>
<IPermission class="System.Security.Permissions.SecurityPermission,
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=<snip>"
version="1"
Flags="Execution"/>
</PermissionSet>
The assembly or AppDomain that failed was:
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=<snip>
----
Which I didn't get when I called ExecuteAndWrap() from the
ScriptSource... I have no idea what is going on, and no internet
searches are helping me debug this :(
I setup the AppDomain for the engine like so:
pset.AddPermission (new SecurityPermission
(SecurityPermissionFlag.Execution));
pset.AddPermission(new
ReflectionPermission(PermissionState.Unrestricted));
pset.AddPermission(new
FileIOPermission(FileIOPermissionAccess.PathDiscovery |
FileIOPermissionAccess.Read | FileIOPermissionAccess.Write,
AppDomain.CurrentDomain.BaseDirectory));
Any ideas?
- Jason Petrasko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ironpython-users/attachments/20130908/4cb4e744/attachment.html>
More information about the Ironpython-users
mailing list