0

In C#, Is it possible to dynamicaly load a .NET library at runtime with using something like System.Reflection.Assembly.LoadFile & disabling the loaded library from using [DllImport("someCPP.DLL", EntryPoint ="someFunction")] so that you can't call c++ stuff for security reasons??

The reason for this question is i'm thinking about making a generic openSource browser plugin that could run any .NET code & display things like OpenGL or Direct3D or whatever content you want in the browser using .NET. This would need the loaded .NET library to be secure though by disabling "DllImport" & maybe some other things. Is this possible?

zezba9000
  • 3,247
  • 1
  • 29
  • 51
  • you should be worried about way more than just DllImport. lots of very malicious things can be done with plain old managed code. – Robert Levy Jan 22 '11 at 04:44
  • Is there anything else you can think of off the top of your head I should be taking into account? Like sandboxing or somthing...? – zezba9000 Jan 24 '11 at 17:15

1 Answers1

3

You can use an application domain with restricted security permissions.

Here is a general introduction to application domains:

And here is the specific permission related to executing unmanaged code:

Rick Sladkey
  • 33,988
  • 6
  • 71
  • 95
  • The "SecurityAction.Deny" & "sp.Deny();" are throwing errors "The Deny stack modifier has been obsoleted by the .NET Framework"... Funny how they still give sample code for .NET4 using the Deny keyword... – zezba9000 Jan 22 '11 at 21:02
  • Here is some useful information specific to security and .NET4: http://www.simple-talk.com/dotnet/.net-framework/whats-new-in-code-access-security-in-.net-framework-4.0---part-i/ – Rick Sladkey Jan 23 '11 at 02:19
  • Thankx for the great links. I think this info will solve most security issues. – zezba9000 Jan 24 '11 at 17:14