[Mono-dev] Embeded : Enable CAS

Stifu stifu at free.fr
Wed Jan 27 09:17:53 EST 2010 



Sebastien Pouliot-2 wrote:
> 
> On Wed, 2010-01-27 at 09:34 +0100, Damien wrote:
>> > I would like to know if and how it is possible to activate code
>> access
>>         > security with Mono used as an embeded library...
>>         
>>         
>>         For fun ? maybe. For profit ? not likely.
>>         
>> 
>> Well, for fun :)
>>  
>>         A *much more* interesting approach is to use CoreCLR (the
>>         transparency
>>         model) that is being used by Moonlight (just like it exist in
>>         Silverlight). You even get reviewed class libraries (albeit a
>>         more
>>         limited profile) on a supported feature. If you need more
>>         (than the 2.1
>>         profile) then it's not-too-hard to extend (tools exists) and
>>         you could
>>         plug additional policies on top of other features (think of
>>         the socket
>>         policies).
>> 
>> I am creating a piece of C++ app that will add plugins entry points.
>> But to avoid potential security problems due to bad plugins, I want to
>> add security to the managed part, so I can give the plugins access to
>> the socket related code only if explicitly given by the app.
>> 
>> I achieve this on MS framework by having the current AppDomain with
>> app trusts (fulltrust), from which I create another appdomain, with a
>> very small PermissionSet, where I execute the plugin. I would like to
>> do the same in Mono embeded : my native code call a managed object,
>> that will create the other AppDomain with security, and do all the
>> stuff...
>> 
>> I am targeting the 3.5 framework.
>> 
>> I would like to know if it is possible without having to creaty my
>> custom Mono runtime, so I can deploy my app on every machine that has
>> standard Mono installed (with a minimum version number)...
> 
> No, like I said previously it is incomplete (both runtime and class
> libraries) so you'll have, at least, to supply a custom Mono with your
> application.
> 
> Sebastien
> 
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list
> 
> 

Unless he submitted these patches to the Mono team and waited for a new
official release to include them, right? :p
Just clearing that up.
-- 
View this message in context: http://old.nabble.com/Embeded-%3A-Enable-CAS-tp27330407p27340043.html
Sent from the Mono - Dev mailing list archive at Nabble.com.

More information about the Mono-devel-list mailing list