I have working .NET 2.0 addin that takes an AppDomain created by an external application and applies user-defined security policy (PolicyLevel) by using AppDomain.SetAppDomainPolicy() method. However, this method is obsolete in .NET 4.0 and fails at runtime. Here is a sample code:
AppDomain domain = ExternalApplication.GetAppDomain(); //This call is from external program which I can’t change.
PolicyLevel pl = GetUserDefinedPolicyLevel()
domain. SetAppDomainPolicy(pl); //This fails in .NET 4.0
I saw 4.0 example setting AppDomain security by using following call:
AppDomain.CreateDomain( string friendlyName, Evidence securityInfo, AppDomainSetup info, PermissionSet grantSet, params StrongName[] fullTrustAssemblies);
However, this API is used when an AppDomain is already created. In my situation the addin has to use existing AppDomains.
Another solution I found was to use .config files and add <NetFx40_LegacySecurityPolicy enabled="true" /> element to enforce legacy AppDomain security. This is also not an option in my case since I have an addin for applications and I can’t add .config files.
Is there a way to change AppDomain security at runtime after it has been created in .NET 4.0?
I hope that this should be possible, since otherwise it would look like 4.0 removed the ability to tighten security at run-time.
Thanks