3

I want to run some of my code in Python. However, for security reasons i need to run it in some kind of sandbox. What I'm doing is: First i create a domain with restricted permissions:

private AppDomain CreateDomain()
    {
        AppDomainSetup setup = new AppDomainSetup();
        Assembly thisAssembly = Assembly.GetExecutingAssembly();
        setup.ApplicationBase = Path.GetDirectoryName(thisAssembly.Location);

        AssemblyName name = typeof(Program).Assembly.GetName();

        StrongName sn = new StrongName(new StrongNamePublicKeyBlob(name.GetPublicKey()), name.Name, name.Version);

        PermissionSet permSet = new PermissionSet(PermissionState.None);
        permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));


        setup.PartialTrustVisibleAssemblies = new[] { sn.Name + ", PublicKey=" + sn.PublicKey.ToString() };

        AppDomain domain = AppDomain.CreateDomain(
            "Sandbox",
            AppDomain.CurrentDomain.Evidence,
            setup,
            permSet,
            sn);

        return domain;
    }

Next i create python engine and other needed items(d is a Dictionary which im working on in python:

string pythonCode = File.ReadAllText(@"D:\Python\Class.py");
string createInstanceCode = "ObjectNew = Class(dictionary)";

ScriptEngine pyEngine = IronPython.Hosting.Python.CreateEngine(domain);
ScriptScope pyScope = pyEngine.CreateScope();
pyScope.SetVariable("dictionary", d);

pyEngine.Execute(pythonCode, pyScope);
pyEngine.Execute(createInstanceCode, pyScope);

The python code is just one big class with functions in it. I want to call these functions from C# and get the results so i try to create an instance of that class. Using advice from this question: How do I call a specific Method from a Python Script in C#? I am doing this:

var testObject = pyScope.GetVariable("ObjectNew");

This is the error i get at this point: An unhandled exception of type 'System.Runtime.Serialization.SerializationException' occurred in PythonTimeTests.exe

This doesn't happen if i change this

ScriptEngine pyEngine = IronPython.Hosting.Python.CreateEngine(domain);

to

ScriptEngine pyEngine = IronPython.Hosting.Python.CreateEngine();

But then i can't manage the permissions IronPython has. Is there a way of doing this differently without serialization, perhaps using reflection? Or is there a better way of sandboxing it(maybe sandbox the whole C# code that manages IronPython)?

Improve this question
Related questions
2
(IronPython) Execute PythonFunction from C#
10
Build Python scripts and call methods from C#
66
How can I call (Iron)Python code from a C# app?
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.