AppDomain.IsFullyTrusted 屬性
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
取得值,該值指出載入目前應用程式定義域中的組件是否在完全信任情況下執行。
public:
property bool IsFullyTrusted { bool get(); };public bool IsFullyTrusted { get; }member this.IsFullyTrusted : boolPublic ReadOnly Property IsFullyTrusted As Boolean屬性值
如果載入目前應用程式定義域中的組件在完全信任情況下執行,則為 true,否則為 false。
範例
下列範例示範 IsFullyTrusted 屬性和 Assembly.IsFullyTrusted 屬性,其中包含完全信任和部分信任的應用程式域。 完全信任的應用程式域是應用程式的預設應用程式域。 部分信任的應用程式域是使用 AppDomain.CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) 方法多載所建立。
此範例使用 Worker 衍生自 MarshalByRefObject 的類別,因此可以跨應用程式域界限封送處理。 此範例會在 Worker 預設應用程式域中建立 物件。 然後它會呼叫 TestIsFullyTrusted 方法來顯示應用程式域的屬性值,以及載入至應用程式域的兩個元件:mscorlib,這是.NET Framework的一部分,以及範例元件。 應用程式域是完全信任的,因此這兩個元件都完全受信任。
此範例會在沙箱化應用程式域中建立另一個 Worker 物件,並再次呼叫 TestIsFullyTrusted 方法。 Mscorlib 一律受信任,即使在部分信任的應用程式域中,但範例元件是部分信任的。
using System;
namespace SimpleSandboxing
{
public class Worker : MarshalByRefObject
{
static void Main()
{
Worker w = new Worker();
w.TestIsFullyTrusted();
AppDomain adSandbox = GetInternetSandbox();
w = (Worker) adSandbox.CreateInstanceAndUnwrap(
typeof(Worker).Assembly.FullName,
typeof(Worker).FullName);
w.TestIsFullyTrusted();
}
public void TestIsFullyTrusted()
{
AppDomain ad = AppDomain.CurrentDomain;
Console.WriteLine("\r\nApplication domain '{0}': IsFullyTrusted = {1}",
ad.FriendlyName, ad.IsFullyTrusted);
Console.WriteLine(" IsFullyTrusted = {0} for the current assembly",
typeof(Worker).Assembly.IsFullyTrusted);
Console.WriteLine(" IsFullyTrusted = {0} for mscorlib",
typeof(int).Assembly.IsFullyTrusted);
}
// ------------ Helper method ---------------------------------------
static AppDomain GetInternetSandbox()
{
// Create the permission set to grant to all assemblies.
System.Security.Policy.Evidence hostEvidence = new System.Security.Policy.Evidence();
hostEvidence.AddHostEvidence(new System.Security.Policy.Zone(
System.Security.SecurityZone.Internet));
System.Security.PermissionSet pset =
System.Security.SecurityManager.GetStandardSandbox(hostEvidence);
// Identify the folder to use for the sandbox.
AppDomainSetup ads = new AppDomainSetup();
ads.ApplicationBase = System.IO.Directory.GetCurrentDirectory();
// Create the sandboxed application domain.
return AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, null);
}
}
}
/* This example produces output similar to the following:
Application domain 'Example.exe': IsFullyTrusted = True
IsFullyTrusted = True for the current assembly
IsFullyTrusted = True for mscorlib
Application domain 'Sandbox': IsFullyTrusted = False
IsFullyTrusted = False for the current assembly
IsFullyTrusted = True for mscorlib
*/
open System
open System.IO
open System.Security
open System.Security.Policy
type Worker() =
inherit MarshalByRefObject()
member _.TestIsFullyTrusted() =
let ad = AppDomain.CurrentDomain
printfn $"\nApplication domain '{ad.FriendlyName}': IsFullyTrusted = {ad.IsFullyTrusted}"
printfn $" IsFullyTrusted = {typeof<Worker>.Assembly.IsFullyTrusted} for the current assembly"
printfn $" IsFullyTrusted = {typeof<int>.Assembly.IsFullyTrusted} for mscorlib"
// ------------ Helper function ---------------------------------------
let getInternetSandbox () =
// Create the permission set to grant to all assemblies.
let hostEvidence = Evidence()
hostEvidence.AddHostEvidence(Zone System.Security.SecurityZone.Internet)
let pset = SecurityManager.GetStandardSandbox hostEvidence
// Identify the folder to use for the sandbox.
let ads = AppDomainSetup()
ads.ApplicationBase <- Directory.GetCurrentDirectory()
// Create the sandboxed application domain.
AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, null)
let w = Worker()
w.TestIsFullyTrusted()
let adSandbox = getInternetSandbox()
let w2 =
adSandbox.CreateInstanceAndUnwrap(typeof<Worker>.Assembly.FullName, typeof<Worker>.FullName) :?> Worker
w2.TestIsFullyTrusted()
(* This example produces output similar to the following:
Application domain 'Example.exe': IsFullyTrusted = True
IsFullyTrusted = True for the current assembly
IsFullyTrusted = True for mscorlib
Application domain 'Sandbox': IsFullyTrusted = False
IsFullyTrusted = False for the current assembly
IsFullyTrusted = True for mscorlib
*)
Public Class Worker
Inherits MarshalByRefObject
Shared Sub Main()
Dim w As New Worker()
w.TestIsFullyTrusted()
Dim adSandbox As AppDomain = GetInternetSandbox()
w = CType(adSandbox.CreateInstanceAndUnwrap(
GetType(Worker).Assembly.FullName,
GetType(Worker).FullName),
Worker)
w.TestIsFullyTrusted()
End Sub
Public Sub TestIsFullyTrusted()
Dim ad As AppDomain = AppDomain.CurrentDomain
Console.WriteLine(vbCrLf & "Application domain '{0}': IsFullyTrusted = {1}",
ad.FriendlyName, ad.IsFullyTrusted)
Console.WriteLine(" IsFullyTrusted = {0} for the current assembly",
GetType(Worker).Assembly.IsFullyTrusted)
Console.WriteLine(" IsFullyTrusted = {0} for mscorlib",
GetType(Integer).Assembly.IsFullyTrusted)
End Sub
' ------------ Helper method ---------------------------------------
Shared Function GetInternetSandbox() As AppDomain
' Create the permission set to grant to all assemblies.
Dim hostEvidence As New System.Security.Policy.Evidence()
hostEvidence.AddHostEvidence(
New System.Security.Policy.Zone(System.Security.SecurityZone.Internet))
Dim pset As System.Security.PermissionSet =
System.Security.SecurityManager.GetStandardSandbox(hostEvidence)
' Identify the folder to use for the sandbox.
Dim ads As New AppDomainSetup()
ads.ApplicationBase = System.IO.Directory.GetCurrentDirectory()
' Create the sandboxed application domain.
Return AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, Nothing)
End Function
End Class
' This example produces output similar to the following:
'
'Application domain 'Example.exe': IsFullyTrusted = True
' IsFullyTrusted = True for the current assembly
' IsFullyTrusted = True for mscorlib
'
'Application domain 'Sandbox': IsFullyTrusted = False
' IsFullyTrusted = False for the current assembly
' IsFullyTrusted = True for mscorlib
'
備註
這個方法一律會針對在桌面上執行之應用程式的預設應用程式域傳回 true 。 除非授與應用程式域的許可權等於完全信任,否則它會針對使用 AppDomain.CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) 方法多載建立的沙箱化應用程式域傳回 false 。