Can you give us the full stack trace of the exception that gets thrown and also what version of the CLR are you running against?
It may be the case that partial trust will require the latest and greatest patch of .NET as there have been some changes to enable reflection / reflection emit to work better in partial trust. But it could also be a DLR or IronPython bug when running in partial trust on the desktop CLR. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sho List Sent: Tuesday, April 01, 2008 12:43 PM To: users@lists.ironpython.com Subject: [IronPython] Restricting IronPython/DLR in a Sandbox? Hello IronPythoners, I am using the IronPython 2 Beta 1 on .Net 2.0. My goal is to create a restricted sandbox for scripts to run in using the DLR. I have searched high and low and have not found a solution utilizing the latest python beta release and DLR. It would seem this is something that should be straightforward to accomplish as the DLR's ScriptRuntime.Create takes an AppDomain as an overload. And indeed, my Python engine and runtime are loaded in the remote AppDomain, however I can only get it to work when the AppDomain has FullTrust permissions. Anything lower (say Intranet Zone and the like) and it throws a Method Access Exceptions on the ScriptRuntime.Create method. I have tried creating the AppDomain like so: AppDomain.CreateDomain(name, defaultEvidence, appDomainSetup, defaultPermissions, TrustedAssemblies.ToArray) Where: name is the name defaultEvidence is the evidence for the restricted zone appDomainSetup sets the BaseDirectory defaultPermissions is the permission set of the restricted zone TrustedAssemblies is a list containing references to "Microsoft.Scripting", "IronPython", "IronPython.Modules" Using any zone other than MyComputer results in the exception. I am not stuck on getting a permission set from a predefined zone, I have tried creating permissions sets other ways with the same result. Using zones seems easier for illustration. I need IronPython scripts to be run in a fairly constrained environment. No file IO, no loading assemblies. Basically, just the ability for the user to interact with the Hosting apps object model with some basic .Net library functions like String etc. Thanks! ________________________________ Pack up or back up-use SkyDrive to transfer files or keep extra copies. Learn how.<hthttp://www.windowslive.com/skydrive/overview.html?ocid=TXT_TAGLM_WL_Refresh_skydrive_packup_042008>
_______________________________________________ Users mailing list Users@lists.ironpython.com http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
