1

I wrote a plugin system and the plugin host needs to know which 'usings' each module has.

The main idea is to limit what the plugin can use in the code, to evaluate its security level. Example: the plugins can't manipulate disk or networking, so I'm thinking of limiting by 'usings' or loaded DLLs.

I searched for how to get the 'Loaded Modules' of a plugin, but I didn't find the reference to System.IO or any DLL that could help.

Then I looked into assembly.Get***() (modules/fields/...)

Maybe an example could help: Plugin 'A' EntryPoint.cs

```csharp
using System.Collections.Generic; // <--- is allowed
using System.IO;                  // <--- it is not allowed
using System.Net;                 // <--- it is not allowed
// .... Declare a namespace, classes and other... AND I used a StreamWriter
```

I need to know if the plugin is using System.Net, or another prohibited reference.

Thanks (a lot for ALL possibilities)

Edit: 1) Assembly.GetReferencedAssemblies doesn't work; some DLLs have both allowed and prohibited references.

2) The disk/network access could be done using some 'help libraries' that manage this access.

3) For the sandbox solution: I saw this, but the major question is that I have something like a virtual disk, and when a user asks to list a directory, this operation will ask a server 'what files does this user have in this folder?' Then this server will collect all files in a database and return this list. When a file must be read/written, these modifications need to sync with all other computers that can read this file. A network operation is specific to a range of 'virtual partners' but without a complete VPN solution.

Rafael
  • 1
    Are you trying to figure out if the code literally says "using" or are you trying to figure out if an assembly has a reference to a particular DLL? – aquinas Aug 27 '12 at 01:42
  • @aquinas maybe searching for a particular DLL (or a list of them) would be better (simpler or even possible) than literally 'every using' – Rafael Aug 27 '12 at 01:47
  • Are you trying to figure out if the code references certain types? `using` clauses aren't visible in the compiled code. – CodesInChaos Aug 27 '12 at 01:47
  • I guess you need to load the assembly with Mono.Cecil and check all metadata tokens. | Or you could use CAS, which is designed for limiting the rights of unprivileged code. – CodesInChaos Aug 27 '12 at 01:48
  • You should be aware that a nefarious user could sidestep your check by using a native library that made these calls indirectly for them. – pickypg Aug 27 '12 at 01:54
  • possible duplicate of [C# Load Sandboxed Assembly](http://stackoverflow.com/questions/8691363/c-sharp-load-sandboxed-assembly) – Chris Shain Aug 27 '12 at 01:56
  • is this a visual studio plugin? – Daniel Powell Aug 27 '12 at 01:56
  • @ChrisShain I added an (Edit 3) for that, thanks – Rafael Aug 27 '12 at 02:20
  • Security, you are doing it wrong. Basically your approach is severely, if not totally, flawed. You will gain nothing by knowing what is in the using statements. Look into what the CLR offers in security and use that. – Casper Leon Nielsen Jan 27 '13 at 01:11
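
The Mono.Cecil check suggested in the comments above, as an added example that is not part of the original thread: it lists the external types a compiled plugin references (these are in the metadata even though `using` lines are not) plus the native libraries its P/Invoke declarations name. The class name `PluginAudit` and the prohibited-namespace list are assumptions for illustration.

```csharp
// Added example; requires the Mono.Cecil NuGet package.
using System;
using System.Collections.Generic;
using System.Linq;
using Mono.Cecil;

static class PluginAudit
{
    // Assumed host policy: namespace prefixes a plugin may not touch.
    static readonly string[] Prohibited = { "System.IO", "System.Net" };

    static bool IsProhibited(TypeReference type)
    {
        // A nested type carries no namespace of its own; use its outermost type.
        while (type.DeclaringType != null) type = type.DeclaringType;
        string ns = type.Namespace ?? "";
        return Prohibited.Any(p =>
            ns == p || ns.StartsWith(p + ".", StringComparison.Ordinal));
    }

    public static List<string> Audit(string pluginPath)
    {
        var findings = new List<string>();
        using (var assembly = AssemblyDefinition.ReadAssembly(pluginPath))
        {
            foreach (var module in assembly.Modules)
            {
                // Every external type the IL uses is listed here, whether the
                // source wrote a 'using' or the fully qualified name.
                foreach (var type in module.GetTypeReferences())
                    if (IsProhibited(type))
                        findings.Add("prohibited type: " + type.FullName);

                // Native libraries named by DllImport declarations.
                foreach (var native in module.ModuleReferences)
                    findings.Add("native library: " + native.Name);
            }
        }
        return findings;
    }

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: PluginAudit <plugin.dll>"); return 2; }
        var findings = Audit(args[0]);
        findings.ForEach(Console.WriteLine);
        return findings.Count == 0 ? 0 : 1; // non-zero exit: plugin needs review
    }
}
```

This gives the host an inventory to review before loading; it does not restrict what the plugin can do at run time, which is what the limited-trust loading discussed in the answers is for.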

3 Answers

4

This isn't possible. `using` is just a syntax helper to save you from fully qualifying everything you want to use from another namespace.

If you want to run a piece of code with restricted permissions, then you can accomplish that by loading it into a separate app domain with limited trust. Here's an article that may help.

BAF
  • 1
    By "just a syntax helper", that means the `using` declaration doesn't make it into the assembly. Even if it did, you couldn't use them to guarantee that someone didn't just use the full name of the type, so if you're trying to make sure certain namespaces weren't used, checking those declarations wouldn't do you any good anyway. – cHao Aug 27 '12 at 02:10
2

Assembly.GetReferencedAssemblies will give you an assembly's dependencies.

spender
  • I tried that; the test plugin makes disk reads and it shows only mscorlib and the PluginInterface library. If System.IO is in the same DLL as other 'allowed usings', that will not work... thanks for the help. – Rafael Aug 27 '12 at 01:53
  • 3
    @Rafael that's because System.IO (or rather the relevant IO classes) is in mscorlib. Time to re-evaluate your approach. – Chris Shain Aug 27 '12 at 01:54
1

Have a look at the System.Addins namespace. This allows you to safely enumerate and load plugins in partially-trusted environments.

Answers to this SO question may help as well, especially strong naming the plugins.

Community
devstuff