Matt Ruwe

Reputation: 3406

Error: "Inheritance security rules violated" while Sandboxing

I'm creating an application that will run code in a sandboxed environment. This environment should only allow the untrusted code to process resources that it is explicitly given and return a defined data type. I'm using the principles found in this article to set up the sandbox:

How to: Run Partially Trusted Code in a Sandbox

I also have some code that will need to run inside the sandboxed environment. Unfortunately, when I try to set up the type to run inside the sandbox, I'm getting the following error:

Inheritance security rules violated by type: 'MyTypeRunningInSandbox'. Derived types must either match the security accessibility of the base type or be less accessible.

I'm not sure why I would get this error as both the base type and the derived type were created by me, and neither should be more or less secure than the other.

My Application Structure (to help you understand):

TypeLoader class
   \
    Trusted Sandbox Manager (i.e. sets up the new sandbox)
     \              (the error is happening in this class while creating the 
      |             new app domain) 
      |
      |Untrusted Sandbox Manager (i.e. runs the untrusted code)

If you compare my solution with the Microsoft article above, my code is failing on the equivalent of the following line:

ObjectHandle handle = Activator.CreateInstanceFrom(
    newDomain,
    typeof(Sandboxer).Assembly.ManifestModule.FullyQualifiedName,
    typeof(Sandboxer).FullName);

Any thoughts on how to troubleshoot this issue?

Upvotes: 2

Views: 3562

Answers (1)

Matt Ruwe

Reputation: 3406

I finally figured this out. I needed a better understanding of how trusted assemblies and strong names work. The problem was that the base type for my untrusted type was located in an assembly that was signed with the same strong name key I had set up as trusted before. When I moved the base type to a new assembly with a different strong name key, it started working great. It seems so obvious now; I can't imagine why I didn't see it before.

Thanks to anyone who gave this consideration!

Upvotes: 5
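
A pre-flight check for the situation the answer describes, added here as an example (it is not code from the question, the answer, or the Microsoft article). It assumes .NET Framework 4 level 2 transparency, where unannotated code in an assembly on the sandbox's full-trust list is security-critical and partially trusted code is transparent; `SandboxInheritanceCheck` and its members are hypothetical names.

```csharp
using System;
using System.Linq;
using System.Security;
using System.Security.Policy;

// Hypothetical diagnostic helper: run it in the host before creating the sandboxed instance.
static class SandboxInheritanceCheck
{
    // True when the type's assembly carries a strong name on the sandbox's full-trust list.
    static bool IsFullTrust(Type t, StrongName[] fullTrust)
    {
        StrongName sn = t.Assembly.Evidence.GetHostEvidence<StrongName>();
        return sn != null && fullTrust.Any(f => f.Equals(sn));
    }

    // True when the assembly opts out of the "everything is critical" default.
    static bool OptsIntoTransparency(Type t)
    {
        return t.Assembly.IsDefined(typeof(SecurityTransparentAttribute), false)
            || t.Assembly.IsDefined(typeof(AllowPartiallyTrustedCallersAttribute), false);
    }

    // Walks the base-type chain of the type that will run in the sandbox and
    // counts every partial-trust type that derives from an unannotated
    // full-trust base. Per-type [SecurityCritical] annotations are not inspected.
    public static int Report(Type sandboxedType, params StrongName[] fullTrust)
    {
        int problems = 0;
        for (Type t = sandboxedType; t.BaseType != null; t = t.BaseType)
        {
            Type b = t.BaseType;
            bool derivedPartial = !IsFullTrust(t, fullTrust);
            bool baseCritical = IsFullTrust(b, fullTrust) && !OptsIntoTransparency(b);
            if (derivedPartial && baseCritical)
            {
                problems++;
                Console.WriteLine(
                    "{0} (partial trust, {1}) derives from {2} (full trust, {3})",
                    t.FullName, t.Assembly.GetName().Name,
                    b.FullName, b.Assembly.GetName().Name);
            }
        }
        return problems;
    }
}
```

Pass `Report` the same `StrongName` values that are handed to `AppDomain.CreateDomain` as the full-trust list; a non-zero result identifies the base type to move to a separately signed assembly, as the answer did.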
