Configuring App. domains in .NET Framework with C#
Assembly has so called Evidence which contain information about code groups Assembly belongs. Code groups in this content are a folder on the drive or website. By controlling Evidence we can assign security permission to Assemblies. In order to do so we need to create System.Security.Policy.Evidence object and pass it as a parameter to method called ExecuteAssembly.
object [] hostEvidence = {new Zone(SecurityZone.Internet)};
Evidence internetEvidence = new Evidence(hostEvidence, null);
AppDomain myAppDomain = AppDomain.CreateDomain("MyOwnDomain");
myAppDomain.ExecuteAssembly("SecondAssemblyFile.exe", internetEvidence);
If we examine above code we’ll see that assembly will run in app. domain with the permission granter to Internet_Zone which is our code_group in this case. We know that Internet_Zone is very restrictive with Internet permission set.
If we want to configure app. domain we should create App. domains with AppDomainSetup class with the following properties.
Name | Description |
---|---|
ActivationArguments | Gets or sets the activation data of an app. domain |
ApplicationBase | Gets or sets the name of the root directory |
ApplicationName | Gets or sets the name of the app |
ApplicationTrust | Gets or sets an object containing security info |
ConfigurationFile | Gets or sets the name of the config. file for an app. domain |
DisallowApplicationBaseProbing | Checks if application base path and private binary path are probed when searching for assemblies to load |
DisallowBindingRedirects | Gets or sets a value indicating whether an app. domain allows assembly binding redirection |
DisallowCodeDownload | Gets or sets a value indicating whether HTTP download is allowed for an app. domain |
DisallowPublisherPolicy | Gets or sets an indicator that the publisher policy section of the configuration file is applied to an app. domain |
DynamicBase | Gets or sets the base directory |
LicenseFile | Gets or sets the location of the license file |
LoaderOptimization | Specifies the optimization policy |
PrivateBinPath | Gets or sets the list of directories |
// Construct AppDomain.
AppDomainSetup myAppDomainSetup = new AppDomainSetup();
myAppDomainSetup.ApplicationBase = "file://" + System.Environment.CurrentDirectory;
myAppDomainSetup.DisallowBindingRedirects = false;
myAppDomainSetup.DisallowCodeDownload = true;
myAppDomainSetup.ConfigurationFile = AppDomain.CurrentDomain.SetupInformation.ConfigurationFile;
// Create AppDomain
AppDomain d = AppDomain.CreateDomain("New Domain", null, myAppDomainSetup);
AppDomain.CurrentDomain.SetupInformation is used to examine properties of the App. domain.