Running Phalanger in a restricted AppDomain
Posted: July 1st, 2007, 6:16 pm
Hi, is it possible to run Phalanger in a restricted AppDomain? It appears to require a lot of permissions, for example, just ScriptContext.RunApplication requires:
new SecurityPermission(SecurityPermissionFlag.ControlThread)
new ConfigurationPermission(PermissionState.Unrestricted)
new EnvironmentPermission(PermissionState.Unrestricted)
As I get deeper into giving it permissions, I'm opening up huge holes. The latest one needed is:
The demand was for:
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="UnmanagedCode"/>
Once I give my restricted AppDomain this permission, the user can start running arbitrary PInvoke calls from their PHP.NET code.
Has this been part of the design of Phalanger? Is there another way to do this? I am writing a host that hosts .NET plugins, such as PHP.NET.
Thanks,
new SecurityPermission(SecurityPermissionFlag.ControlThread)
new ConfigurationPermission(PermissionState.Unrestricted)
new EnvironmentPermission(PermissionState.Unrestricted)
As I get deeper into giving it permissions, I'm opening up huge holes. The latest one needed is:
The demand was for:
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="UnmanagedCode"/>
Once I give my restricted AppDomain this permission, the user can start running arbitrary PInvoke calls from their PHP.NET code.
Has this been part of the design of Phalanger? Is there another way to do this? I am writing a host that hosts .NET plugins, such as PHP.NET.
Thanks,