Im currently adding a interface to my application so other people can extend it with plugins. My application is used by MMO gamers and i will not have any control over the plugins ( In that anyone will be allowed to make them ) and i was hoping i could have some degree of control over the code in the plugins.
What im afraid of is someone making a plugin that either contains bad code that starts writing to folders outside "allowed" folders or does this by design. Since this will be run by a MMO gamers some sort of keylogger would be very bad.
So im hoping there is a way for me to: Force the plugin to run inside a sandbox where it does not have direct access to filesystem,windows or network. In effect forcing them to use the API i provide for those actions. I was thinking it might be posible to inspect the plugin dll hoping it contained a list of what namespaces it uses, and simply not load plugins that contained "bad" namespaces.
My plugin interface is based on this great codeproject artice , i did try to search for some information on this. But i was unable to refine my search to a point where it returned something usefull, if it mathers my skill level is C# and some cross platform c++.