I'm writing an application that is trusted, but I want it to run some
untrusted code, and I don't understand how I do that. I'm including an
example.
I want to trust my class, TrustedClass, to do whatever it wants to the
file system. I don't want to trust UntrustedClass, so I don't give it
any permissions. But the untrusted code just calls Assert() before it
accesses the file system, and it succeeds.
How do I modify TrustedClass to make sure that UntrustedClass cannot
access the file system?
using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Permissions;
using System.Security;
using System.IO;

namespace SecurityTest
{
    //My class
    class TrustedClass
    {
        static void Main(string[] args)
        {
            PermissionSet permissions = new PermissionSet(null);
            permissions.PermitOnly();
            UntrustedClass.UntrustedMethod();
        }
    }

    //Adversary's class
    class UntrustedClass
    {
        public static void UntrustedMethod()
        {
            FileIOPermission permission = new FileIOPermission(PermissionState.Unrestricted);
            permission.Assert();
            FileStream fs = new FileStream(@"C:\testing.txt", FileMode.Create);
        }
    }
}
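
Added example, not part of the original post: the Assert() above succeeds because both classes live in one fully trusted assembly and an Assert stops the stack walk before it reaches the caller's PermitOnly(), so the code below instead loads the untrusted code into a separate AppDomain whose grant set is execute-only. It assumes .NET Framework 4, a strong-name-signed host assembly, and that UntrustedClass is made public and compiled into its own assembly, hypothetically named Untrusted.dll and placed in a hypothetical ..\Untrusted folder.

```csharp
using System;
using System.IO;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;

namespace SecurityTest
{
    // Created inside the sandbox domain; the only bridge to the untrusted assembly.
    public class Sandboxer : MarshalByRefObject
    {
        public string Run(string assemblyName, string typeName, string methodName)
        {
            MethodInfo target = Assembly.Load(assemblyName)
                .GetType(typeName, true).GetMethod(methodName);
            try
            {
                target.Invoke(null, null);
                return "completed";
            }
            catch (TargetInvocationException ex)
            {
                // Assert() throws when the permission is not in the assembly's grant set.
                return ex.InnerException.GetType().Name;
            }
        }
    }

    class TrustedClass
    {
        static void Main(string[] args)
        {
            // Hypothetical folder holding only Untrusted.dll, not this host.
            AppDomainSetup setup = new AppDomainSetup();
            setup.ApplicationBase = Path.GetFullPath(@"..\Untrusted");
            // Grant set for the sandbox: permission to run, nothing else.
            PermissionSet grant = new PermissionSet(PermissionState.None);
            grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
            // Only this strong-name-signed host assembly is fully trusted there.
            StrongName host = typeof(Sandboxer).Assembly.Evidence.GetHostEvidence<StrongName>();
            AppDomain sandbox = AppDomain.CreateDomain("Sandbox", null, setup, grant, host);
            Sandboxer runner = (Sandboxer)Activator.CreateInstanceFrom(sandbox,
                typeof(Sandboxer).Assembly.ManifestModule.FullyQualifiedName,
                typeof(Sandboxer).FullName).Unwrap();
            Console.WriteLine(runner.Run("Untrusted", "SecurityTest.UntrustedClass", "UntrustedMethod"));
        }
    }
}
```

Keeping the host assembly out of the sandbox's ApplicationBase matters: anything the untrusted code can load from there runs with the same execute-only grant, while the host is trusted only through the explicit strong-name entry.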