I have a plug-in vector established using System.AddIn that accepts the body of a pre-defined method, munges the method body into boilerplate code, generates the assembly and executes the method.
The assembly references System and System.Core and is sandboxed with:
var pset = new PermissionSet(PermissionState.None);
pset.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
The only exception I can find reference to that could possibly bring down the host is a stack overflow, which could be invoked by any number of creative means, e.g. closing the body and declaring a recursive method etc...
And then there are the possible attack vectors exposed by the referenced assemblies, System and System.Core.
My question is: How safe is this and what are some examples of malicious code that could potentially bring down the host and possible ways to prevent such attacks?
UPDATE: also for those familiar with the Managed AddIn Framework, apply the same question to AddInSecurityLevel.Internet.