I have a COM(written in .NET) which needs to create a an AppDomain and load/execute .NET assemblies in it. So that I could unload that appDomain later along with all loaded dll's. While working OK in normal(e.g. WinForms) .NET app, I get security exceptions if this code runs from within COM context. Assuming that the COM assembly is strongly named and placed in GAC it has a fulltrust policy. Can anyone explain if this is possible, and if not - why?
A:
Yes it can. In order to have CAS let you do that you should include
[assembly: System.Security.AllowPartiallyTrustedCallersAttribute()]
attribute in the COM assembly and the loaded assemblies. Also creating objects and executing assemblies would require to add a proper permission set to the new app domain like this:
AppDomainSetup setup = new AppDomainSetup();
setup.ApplicationBase = Path.GetDirectoryName(path);
PermissionSet trustPermissionSet = new PermissionSet(PermissionState.Unrestricted);
AppDomain newDomain = AppDomain.CreateDomain( "descriptive name", null, setup, trustPermissionSet);
Then you may simply create object via CreateInstanceFromAndUnwrap() or executeAssembly. There also is a workaround to this issue - to use Activator
System.Runtime.Remoting.ObjectHandle objHandle = Activator.CreateInstanceFrom(_pluginStore[path], path, pluginClass);
if (objHandle != null) { object unwrappedInstance = objHandle.Unwrap(); result.Add(unwrappedInstance); }
but after its execution code has no rights to do any "complicated stuff"
You can find out more here
Revenge
2009-12-08 15:10:37