Recently I've managed to get the Razor parser working under .NET 3.5 and hosted by SQL Server 2008. At the moment, it's really just an experiment to see what is feasible. This is working, including dynamic compilation of razor template assemblies which are then loaded into the AppDomain (that was a mission!).
Because SQLCLR does not allow you to use Assembly.Load() in any SQLCLR hosted code, even with PERMISSION_SET = UNSAFE
. My workaround for this is to register the assembly directly after compilation using sp_executesql
which I build the CREATE ASSEMBLY
statement. When I dynamically render these template assemblies, I do so with PERMISSION_SET = SAFE
to ensure they don't do anything outside what is permitted for safe assemblies.
Now the tricky part is, these razor templates are running in the context of the connected user, so they have access to the database, e.g., in my template, I could do:
@import System.Data.SqlClient
@{
using (var conn = new SqlConnection("Context Connection = true"))
{
conn.Open();
// Execute something against the database
}
}
PERMISSION_SET = SAFE
will allow for this, as that is one of the reasons SQLCLR even exists, but in these template assemblies I want to introduce some additional security that would allow me to prevent users from executing anything against the database.
Does anyone know 开发者_StackOverflowof a way to disable types, such as SqlConnection
or SqlCommand
, perhaps using Code Access Security or another method?
SqlClientPermission
can be used to prevent use of SqlConnection
.
精彩评论