[Mono-dev] Embeded : Enable CAS
Sebastien Pouliot
sebastien.pouliot at gmail.com
Wed Jan 27 09:05:30 EST 2010
On Wed, 2010-01-27 at 09:34 +0100, Damien wrote:
> > I would like to know if and how it is possible to activate code
> access
> > security with Mono used as an embeded library...
>
>
> For fun ? maybe. For profit ? not likely.
>
>
> Well, for fun :)
>
> A *much more* interesting approach is to use CoreCLR (the
> transparency
> model) that is being used by Moonlight (just like it exist in
> Silverlight). You even get reviewed class libraries (albeit a
> more
> limited profile) on a supported feature. If you need more
> (than the 2.1
> profile) then it's not-too-hard to extend (tools exists) and
> you could
> plug additional policies on top of other features (think of
> the socket
> policies).
>
> I am creating a piece of C++ app that will add plugins entry points.
> But to avoid potential security problems due to bad plugins, I want to
> add security to the managed part, so I can give the plugins access to
> the socket related code only if explicitly given by the app.
>
> I achieve this on MS framework by having the current AppDomain with
> app trusts (fulltrust), from which I create another appdomain, with a
> very small PermissionSet, where I execute the plugin. I would like to
> do the same in Mono embeded : my native code call a managed object,
> that will create the other AppDomain with security, and do all the
> stuff...
>
> I am targeting the 3.5 framework.
>
> I would like to know if it is possible without having to creaty my
> custom Mono runtime, so I can deploy my app on every machine that has
> standard Mono installed (with a minimum version number)...
No, like I said previously it is incomplete (both runtime and class
libraries) so you'll have, at least, to supply a custom Mono with your
application.
Sebastien
More information about the Mono-devel-list
mailing list