support.DEVSENSE.com

Hi, is it possible to run Phalanger in a restricted AppDomain? It appears to require a lot of permissions, for example, just ScriptContext.RunApplication requires:

new SecurityPermission(SecurityPermissionFlag.ControlThread)
new ConfigurationPermission(PermissionState.Unrestricted)
new EnvironmentPermission(PermissionState.Unrestricted)

As I get deeper into giving it permissions, I'm opening up huge holes. The latest one needed is:

The demand was for:
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="UnmanagedCode"/>

Once I give my restricted AppDomain this permission, the user can start running arbitrary PInvoke calls from their PHP.NET code.

Has this been part of the design of Phalanger? Is there another way to do this? I am writing a host that hosts .NET plugins, such as PHP.NET.

Thanks,

One of the features Phalanger supports is the ability to use exising extension (c) dlls. This requires that Phalanger to P/Invoke. The ability to use arbitrary extensions is a benefit to users of existing PHP scripts because these are likely to use extensions. So I think it is by design.

Is there any way to turn off extension dlls? What do extension dlls entail? Is MySQL an extension dll?

Thanks,

No, there's no way to turn extensions off. Extensions are fundamental to PHP and, yes, the MySQL support in PHP is provided by an extension.

It sounds like what you are really wanting to do is use the PHP syntax in .NET. If so there are other tools you could use. As mentioned in the original reply, Phalanger seems to be trying to replicate the whole of the PHP experience and this includes extensions. If extensions are not supported then existing PHP apps such as Mambo, Joomla and MediaWiki could not be ported to work in a .NET AppDomain instance.

Bill