[Mono-dev] Embeded : Enable CAS

Sebastien Pouliot sebastien.pouliot at gmail.com
Wed Jan 27 09:05:30 EST 2010

On Wed, 2010-01-27 at 09:34 +0100, Damien wrote:
> > I would like to know if and how it is possible to activate code
> access
>         > security with Mono used as an embeded library...
>         For fun ? maybe. For profit ? not likely.
> Well, for fun :)
>         A *much more* interesting approach is to use CoreCLR (the
>         transparency
>         model) that is being used by Moonlight (just like it exist in
>         Silverlight). You even get reviewed class libraries (albeit a
>         more
>         limited profile) on a supported feature. If you need more
>         (than the 2.1
>         profile) then it's not-too-hard to extend (tools exists) and
>         you could
>         plug additional policies on top of other features (think of
>         the socket
>         policies).
> I am creating a piece of C++ app that will add plugins entry points.
> But to avoid potential security problems due to bad plugins, I want to
> add security to the managed part, so I can give the plugins access to
> the socket related code only if explicitly given by the app.
> I achieve this on MS framework by having the current AppDomain with
> app trusts (fulltrust), from which I create another appdomain, with a
> very small PermissionSet, where I execute the plugin. I would like to
> do the same in Mono embeded : my native code call a managed object,
> that will create the other AppDomain with security, and do all the
> stuff...
> I am targeting the 3.5 framework.
> I would like to know if it is possible without having to creaty my
> custom Mono runtime, so I can deploy my app on every machine that has
> standard Mono installed (with a minimum version number)...

No, like I said previously it is incomplete (both runtime and class
libraries) so you'll have, at least, to supply a custom Mono with your


More information about the Mono-devel-list mailing list