什麼是DLR爲了正確運行而需要的必需的PermissionSet
項目?.NET DLR和SecurityException的
我們在我們的沙盒腳本環境中啓用了DLR。但是,像下面的一些代碼...
dynamic foo = someobject
foo.FooBar();
...只是導致一個相當模糊和「未完成」 -looking拋出異常,如下所示:
System.Security.SecurityException: Request failed.
at CallSite.Target(Closure , CallSite , Object)
at System.Dynamic.UpdateDelegates.UpdateAndExecuteVoid1[T0](CallSite site, T0 arg0)
at AcmeCorp.AcmeRocket.Workflow.Scripting.Assemblies.WorkflowScriptImplementation.Test()
at AcmeCorp.AcmeRocket.Workflow.Scripting.Assemblies.WorkflowScriptImplementation.__action_activity_4397110c5d7141a6802a070d3b942b77()
--- End of inner exception stack trace ---
at AcmeCorp.AcmeRocket.Workflow.Scripting.WorkflowScriptProxy.Invoke(String method_name)
at AcmeCorp.AcmeRocket.Workflow.Execution.Executors.ActionActivityExecutor.Execute(WorkflowInstance wi, ActionActivity activity)
at AcmeCorp.AcmeRocket.Workflow.Execution.ActivityExecutorBase.Execute(WorkflowInstance wi, Activity activity)
at AcmeCorp.AcmeRocket.Workflow.Execution.WorkflowExecutor.ExecuteActivity(WorkflowInstance wi, Activity activity)
at AcmeCorp.AcmeRocket.Workflow.Execution.WorkflowExecutor.Execute(WorkflowInstance wi, Nullable`1 branch_index)
通常SecurityException
的包括大量的細節明確指出哪些權限導致它失敗,但在這種情況下,我們沒有得到 - 很煩人。 PS:如果我使用我們的沙盒暫時授予PermissionSet(PermissionState.Unrestricted)
運行相同的測試,那麼問題就會消失。但顯然我們確實想要將其鎖定到DLR所需的特定權限集。
PPS:當前(失敗)的PermissionSet按如下方式創建:
var ps = new PermissionSet(PermissionState.None);
ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
ps.AddPermission(new ReflectionPermission(ReflectionPermissionFlag.RestrictedMemberAccess));
感謝。
有時候,像這篇文章的第二個意見是它需要找到解決方案。發現我的程序集('someobject'源於,我的例子)缺少標記「AllowPartiallyTrustedCallersAttribute」。我對自己感到惱火,因爲我沒有檢查並且早點仔細檢查。 – nbevans 2011-04-13 13:44:24