我有一些代码,动态编译一个Razor模板到一个程序集中,我使用 执行一组权限(无法访问文件等)。限制许可AppDomain授权集问题
这适用于我们的开发计算机和我们的测试服务器(Windows 2008 IIS7 x64 .NET 4)。但是,我们的生产服务器上(同一规格),它给人的错误:
:
这里是代码“加载此程序集将产生不同的补助金,其他情况下设置(从HRESULT异常0x80131401)。” -
public static SandboxContext Create(string pathToUntrusted, List<Assembly> references)
{
AppDomainSetup adSetup = new AppDomainSetup();
adSetup.ShadowCopyFiles = "true";
var dir = new DirectoryInfo(pathToUntrusted);
String tempPath = Path.Combine(Path.GetTempPath(), dir.Name + "_shadow");
adSetup.CachePath = tempPath;
// Our sandbox needs access to this assembly.
string AccessPath = Path.Combine(System.Web.Hosting.HostingEnvironment.ApplicationPhysicalPath, "bin\\CommonInterfaces.WebPages.dll");
System.IO.File.Copy(AccessPath, Path.Combine(pathToUntrusted, "CommonInterfaces.WebPages.dll"), true);
var baseDir = Path.GetFullPath(pathToUntrusted);
adSetup.ApplicationBase = baseDir;
adSetup.PrivateBinPath = baseDir;
adSetup.PartialTrustVisibleAssemblies =
new string[] {
typeof(System.Web.WebPageTraceListener).Assembly.FullName,
typeof(System.Web.Razor.RazorEngineHost).Assembly.FullName};
//Setting the permissions for the AppDomain. We give the permission to execute and to
//read/discover the location where the untrusted code is loaded.
PermissionSet permSet = new PermissionSet(PermissionState.None);
permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
//We want the sandboxer assembly's strong name, so that we can add it to the full trust list.
StrongName fullTrustAssembly = typeof(Sandboxer).Assembly.Evidence.GetHostEvidence<StrongName>();
Evidence evidence = new Evidence();
//Now we have everything we need to create the AppDomain, so let's create it.
AppDomain newDomain = AppDomain.CreateDomain("Sandbox", evidence, adSetup, permSet, fullTrustAssembly);
ObjectHandle handle = Activator.CreateInstanceFrom(
newDomain, typeof(Sandboxer).Assembly.ManifestModule.FullyQualifiedName,
typeof(Sandboxer).FullName
);
//Unwrap the new domain instance into a reference in this domain and use it to execute the
//untrusted code.
var newDomainInstance = (Sandboxer)handle.Unwrap();
return new SandboxContext(newDomain, newDomainInstance);
}
任何想法,为什么它会在一台服务器上不同?我只是在破损的服务器上安装了所有优秀的Windows Update,并没有帮助。
如果我改变的PermissionSet到: -
PermissionSet permSet = new PermissionSet(PermissionState.Unrestricted);
所有的代码工作(但出现安全漏洞推测)