[Mono-dev] Embeded : Enable CAS

Damien maitredede at gmail.com
Wed Jan 27 03:34:58 EST 2010

> I would like to know if and how it is possible to activate code access

> > security with Mono used as an embeded library...
> For fun ? maybe. For profit ? not likely.
Well, for fun :)

> A *much more* interesting approach is to use CoreCLR (the transparency
> model) that is being used by Moonlight (just like it exist in
> Silverlight). You even get reviewed class libraries (albeit a more
> limited profile) on a supported feature. If you need more (than the 2.1
> profile) then it's not-too-hard to extend (tools exists) and you could
> plug additional policies on top of other features (think of the socket
> policies).

I am creating a piece of C++ app that will add plugins entry points. But to
avoid potential security problems due to bad plugins, I want to add security
to the managed part, so I can give the plugins access to the socket related
code only if explicitly given by the app.

I achieve this on MS framework by having the current AppDomain with app
trusts (fulltrust), from which I create another appdomain, with a very small
PermissionSet, where I execute the plugin. I would like to do the same in
Mono embeded : my native code call a managed object, that will create the
other AppDomain with security, and do all the stuff...

I am targeting the 3.5 framework.

I would like to know if it is possible without having to creaty my custom
Mono runtime, so I can deploy my app on every machine that has standard Mono
installed (with a minimum version number)...


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ximian.com/pipermail/mono-devel-list/attachments/20100127/165d4932/attachment-0001.html 

More information about the Mono-devel-list mailing list