#region License Information
/* HeuristicLab
* Copyright (C) 2002-2010 Heuristic and Evolutionary Algorithms Laboratory (HEAL)
*
* This file is part of HeuristicLab.
*
* HeuristicLab is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* HeuristicLab is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with HeuristicLab. If not, see .
*/
#endregion
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using HeuristicLab.PluginInfrastructure.Manager;
using System.IO;
using System.ComponentModel;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Reflection;
using System.Diagnostics;
namespace HeuristicLab.PluginInfrastructure.Sandboxing {
public class SandboxManager {
private static StrongName CreateStrongName(Assembly assembly) {
if (assembly == null)
throw new ArgumentNullException("assembly");
AssemblyName assemblyName = assembly.GetName();
Trace.Assert(assemblyName != null, "Could not get assembly name");
// get the public key blob
byte[] publicKey = assemblyName.GetPublicKey();
if (publicKey == null || publicKey.Length == 0)
throw new InvalidOperationException("Assembly is not strongly named");
StrongNamePublicKeyBlob keyBlob = new StrongNamePublicKeyBlob(publicKey);
// and create the StrongName
return new StrongName(keyBlob, assemblyName.Name, assemblyName.Version);
}
#region ISandboxManager Members
public static AppDomain CreateAndInitSandbox(string name) {
return CreateAndInitSandbox(name, Enumerable.Empty());
}
public static AppDomain CreateAndInitSandbox(string name, IEnumerable files) {
PermissionSet pset;
#region permission set for sandbox
//Uncomment code for sandboxed appdomain
/* pset = new PermissionSet(PermissionState.None);
pset.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
pset.AddPermission(new ReflectionPermission(ReflectionPermissionFlag.AllFlags));
FileIOPermission fPerm = new FileIOPermission(PermissionState.None);
foreach (IPluginDescription plugin in ApplicationManager.Manager.Plugins) {
foreach (IPluginFile pluginFile in plugin.Files) {
fPerm.AddPathList(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery, pluginFile.Name);
//fPerm.AddPathList(FileIOPermissionAccess.AllAccess, pluginFile.Name);
}
}
pset.AddPermission(fPerm);*/
#endregion
#region permission set of unrestricted appdomain
// unrestricted appdomain
pset = new PermissionSet(PermissionState.Unrestricted);
#endregion
AppDomainSetup setup = AppDomain.CurrentDomain.SetupInformation;
//setup.PrivateBinPath = pluginDir;
setup.ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase;
AppDomain applicationDomain = AppDomain.CreateDomain(name, AppDomain.CurrentDomain.Evidence, setup, pset, new StrongName[] {CreateStrongName(Assembly.GetExecutingAssembly())});
Type applicationManagerType = typeof(DefaultApplicationManager);
DefaultApplicationManager applicationManager =
(DefaultApplicationManager)applicationDomain.CreateInstanceAndUnwrap(applicationManagerType.Assembly.FullName, applicationManagerType.FullName, true, BindingFlags.NonPublic | BindingFlags.Instance, null, null, null, null, null);
PluginManager pm = new PluginManager(name);
pm.DiscoverAndCheckPlugins();
ApplicationDescription[] apps = pm.Applications.Cast().ToArray();
PluginDescription[] plugins = pm.Plugins.Cast().ToArray();
applicationManager.PrepareApplicationDomain(apps, plugins);
return applicationDomain;
}
#endregion
}
}