Sandboxing with AppDomain

June 21, 2017

Sandboxing with AppDomain

Introduction
Prerequisites
Sandboxing with AppDomain
Putting it all together

Introduction

In the following, i will show you how to run partially trusted code and avoid polluting main application domain by sandboxing with AppDomain.

Prerequisites

IDE: Microsoft Visual Studio or Visual Studio Code

Sandboxing with AppDomain

To understand and apply this, first see:

https://docs.microsoft.com/en-us/dotnet/framework/misc/how-to-run-partially-trusted-code-in-a-sandbox

In addition to that:

communication across application domains is made via a proxy (a class that extends System.MarshalByRefObject);
modifications on reference type parameters are available across application domains only for ref and out parameters;
CreateInstanceAndUnwrap rises AssemblyResolve events in the application domain from which it was called for the specified assembly (i wasn't expecting that!!!).

In the screenshot from above we can see that the main application domain (with blue) is pretty clean, all the necessary assemblies were loaded in a new application domain (with yellow) and removed from memory after the work was done (by unloading the newly created application domain). This approach allows us to use assemblies with different versions in the same application.

Putting it all together

The source code can be found on GitHub at:

https://github.com/dradoaica/Sandboxing.With.AppDomain

Enjoy (ง°ل͜°)ง

Search This Blog

Journeys of a not so young anymore Software Engineer

Sandboxing with AppDomain

Contents

Introduction

Prerequisites

Sandboxing with AppDomain

Putting it all together

Comments

Post a Comment

Popular Posts

Rebalancer for RabbitMQ, SQS, etc.

Poison message handling RabbitMQ