0

If I have an app that allows users to enter C# code, how can I sandbox this code to block any malicious scripts?

In a very rudimentary example the app would be a textbox with a button that says "Compile". I then use the "codeDomProvider.CompileAssemblyFromSource" to compile and run the code.

I've seen the possibility of a AppDomain but that seems to be for external DLLs being referenced in, rather than code inside of an already complied and running app.

Is AppDomain the correct approach here so that when the "compile" button is pressed the usercode is ran in a sandbox?

ConnorM
  • 9
  • 1
  • 7
  • 1
    related https://stackoverflow.com/questions/57837190/how-does-one-run-code-within-the-browser-at-run-time – Drag and Drop Dec 16 '22 at 14:41
  • Thanks but that seems to relate to web browsers whereas this is a WinForms app. – ConnorM Dec 16 '22 at 15:10
  • duplicates: https://stackoverflow.com/q/8312974/1462295 https://stackoverflow.com/q/36107551/1462295 https://stackoverflow.com/q/5997995/1462295 https://stackoverflow.com/q/2464854/1462295 – BurnsBA Dec 16 '22 at 15:48

0 Answers0