Scripting Language in a Sandbox for a C#/.NET Application
Asked Answered
W

2

6

[This question is similar to this one, but I am also interested in the possibility of a sandbox.]

I am considering embedding a scripting language in my C#/.NET application and then exposing some of my application's API to the scripts. There seem to be multiple good options for this (Lua, Boo, IronPython, etc.), but are there easy options for restricting the scripting language's built-in functions from being used? For example, I do not want the scripts to be able to perform I/O except through the API that I explicitly expose, so no printing to the console, opening files, etc. Do any of these scripting languages provide an easy way to do this?

Wenz answered 19/2, 2009 at 8:6 Comment(1)
Not sure how much protection you need, but don't forget that sandboxing might also need to cover DOS attacks - infinite loops etc.Kahler
S
4

You can load te script into a different AppDomain and control the permissions of the second AppDomain.

This link should get you started:
http://blogs.msdn.com/shawnfa/archive/2005/08/08/449050.aspx

Seignior answered 19/2, 2009 at 10:52 Comment(0)
B
3

I have used Powershell as a scripting language on windows myself and found it to be very useful, and if you are familiar with .NET then its all the more easier.

Download a two page reference document here, this is all you will need to get started.

But yes you can use .NET System.IO namespace to perform IO operations via Powershell

same posted # this link

Bissonnette answered 19/2, 2009 at 9:27 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.