AppDomain.IsFullyTrusted 属性
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
获取一个值,该值指示加载到当前应用程序域的程序集是否是以完全信任方式执行的。
public:
property bool IsFullyTrusted { bool get(); };public bool IsFullyTrusted { get; }member this.IsFullyTrusted : boolPublic ReadOnly Property IsFullyTrusted As Boolean属性值
如果加载到当前应用程序域的程序集是以完全信任方式执行的,则为 true;否则为 false。
示例
以下示例演示 IsFullyTrusted 属性和 Assembly.IsFullyTrusted 具有完全信任和部分信任的应用程序域的属性。 完全信任的应用程序域是应用程序的默认应用程序域。 部分信任的应用程序域是使用 AppDomain.CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) 方法重载创建的。
该示例使用 Worker 派生自 MarshalByRefObject的类,因此可以跨应用程序域边界封送该类。 该示例在默认应用程序域中创建 一个 Worker 对象。 然后,TestIsFullyTrusted它调用 方法来显示应用程序域和加载到应用程序域中的两个程序集的属性值:mscorlib(属于.NET Framework的一部分)和示例程序集。 应用程序域是完全受信任的,因此两个程序集都是完全信任的。
该示例在沙盒应用程序域中创建另 Worker 一个 对象,并再次调用 TestIsFullyTrusted 方法。 Mscorlib 始终受信任,即使在部分受信任的应用程序域中也是如此,但示例程序集部分受信任。
using System;
namespace SimpleSandboxing
{
public class Worker : MarshalByRefObject
{
static void Main()
{
Worker w = new Worker();
w.TestIsFullyTrusted();
AppDomain adSandbox = GetInternetSandbox();
w = (Worker) adSandbox.CreateInstanceAndUnwrap(
typeof(Worker).Assembly.FullName,
typeof(Worker).FullName);
w.TestIsFullyTrusted();
}
public void TestIsFullyTrusted()
{
AppDomain ad = AppDomain.CurrentDomain;
Console.WriteLine("\r\nApplication domain '{0}': IsFullyTrusted = {1}",
ad.FriendlyName, ad.IsFullyTrusted);
Console.WriteLine(" IsFullyTrusted = {0} for the current assembly",
typeof(Worker).Assembly.IsFullyTrusted);
Console.WriteLine(" IsFullyTrusted = {0} for mscorlib",
typeof(int).Assembly.IsFullyTrusted);
}
// ------------ Helper method ---------------------------------------
static AppDomain GetInternetSandbox()
{
// Create the permission set to grant to all assemblies.
System.Security.Policy.Evidence hostEvidence = new System.Security.Policy.Evidence();
hostEvidence.AddHostEvidence(new System.Security.Policy.Zone(
System.Security.SecurityZone.Internet));
System.Security.PermissionSet pset =
System.Security.SecurityManager.GetStandardSandbox(hostEvidence);
// Identify the folder to use for the sandbox.
AppDomainSetup ads = new AppDomainSetup();
ads.ApplicationBase = System.IO.Directory.GetCurrentDirectory();
// Create the sandboxed application domain.
return AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, null);
}
}
}
/* This example produces output similar to the following:
Application domain 'Example.exe': IsFullyTrusted = True
IsFullyTrusted = True for the current assembly
IsFullyTrusted = True for mscorlib
Application domain 'Sandbox': IsFullyTrusted = False
IsFullyTrusted = False for the current assembly
IsFullyTrusted = True for mscorlib
*/
open System
open System.IO
open System.Security
open System.Security.Policy
type Worker() =
inherit MarshalByRefObject()
member _.TestIsFullyTrusted() =
let ad = AppDomain.CurrentDomain
printfn $"\nApplication domain '{ad.FriendlyName}': IsFullyTrusted = {ad.IsFullyTrusted}"
printfn $" IsFullyTrusted = {typeof<Worker>.Assembly.IsFullyTrusted} for the current assembly"
printfn $" IsFullyTrusted = {typeof<int>.Assembly.IsFullyTrusted} for mscorlib"
// ------------ Helper function ---------------------------------------
let getInternetSandbox () =
// Create the permission set to grant to all assemblies.
let hostEvidence = Evidence()
hostEvidence.AddHostEvidence(Zone System.Security.SecurityZone.Internet)
let pset = SecurityManager.GetStandardSandbox hostEvidence
// Identify the folder to use for the sandbox.
let ads = AppDomainSetup()
ads.ApplicationBase <- Directory.GetCurrentDirectory()
// Create the sandboxed application domain.
AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, null)
let w = Worker()
w.TestIsFullyTrusted()
let adSandbox = getInternetSandbox()
let w2 =
adSandbox.CreateInstanceAndUnwrap(typeof<Worker>.Assembly.FullName, typeof<Worker>.FullName) :?> Worker
w2.TestIsFullyTrusted()
(* This example produces output similar to the following:
Application domain 'Example.exe': IsFullyTrusted = True
IsFullyTrusted = True for the current assembly
IsFullyTrusted = True for mscorlib
Application domain 'Sandbox': IsFullyTrusted = False
IsFullyTrusted = False for the current assembly
IsFullyTrusted = True for mscorlib
*)
Public Class Worker
Inherits MarshalByRefObject
Shared Sub Main()
Dim w As New Worker()
w.TestIsFullyTrusted()
Dim adSandbox As AppDomain = GetInternetSandbox()
w = CType(adSandbox.CreateInstanceAndUnwrap(
GetType(Worker).Assembly.FullName,
GetType(Worker).FullName),
Worker)
w.TestIsFullyTrusted()
End Sub
Public Sub TestIsFullyTrusted()
Dim ad As AppDomain = AppDomain.CurrentDomain
Console.WriteLine(vbCrLf & "Application domain '{0}': IsFullyTrusted = {1}",
ad.FriendlyName, ad.IsFullyTrusted)
Console.WriteLine(" IsFullyTrusted = {0} for the current assembly",
GetType(Worker).Assembly.IsFullyTrusted)
Console.WriteLine(" IsFullyTrusted = {0} for mscorlib",
GetType(Integer).Assembly.IsFullyTrusted)
End Sub
' ------------ Helper method ---------------------------------------
Shared Function GetInternetSandbox() As AppDomain
' Create the permission set to grant to all assemblies.
Dim hostEvidence As New System.Security.Policy.Evidence()
hostEvidence.AddHostEvidence(
New System.Security.Policy.Zone(System.Security.SecurityZone.Internet))
Dim pset As System.Security.PermissionSet =
System.Security.SecurityManager.GetStandardSandbox(hostEvidence)
' Identify the folder to use for the sandbox.
Dim ads As New AppDomainSetup()
ads.ApplicationBase = System.IO.Directory.GetCurrentDirectory()
' Create the sandboxed application domain.
Return AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, Nothing)
End Function
End Class
' This example produces output similar to the following:
'
'Application domain 'Example.exe': IsFullyTrusted = True
' IsFullyTrusted = True for the current assembly
' IsFullyTrusted = True for mscorlib
'
'Application domain 'Sandbox': IsFullyTrusted = False
' IsFullyTrusted = False for the current assembly
' IsFullyTrusted = True for mscorlib
'
注解
此方法始终 true 返回桌面上运行的应用程序的默认应用程序域。 它为使用 AppDomain.CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) 方法重载创建的沙盒应用程序域返回 false ,除非授予应用程序域的权限等效于完全信任。
