Game Development Reference
dynamic runtime compilation of plugins. There are two main approaches to solv-
ing this problem with the .NET platform: code access security and setting a secu-
rity policy on the temporary AppDomain that plugins run under. This chapter will
not cover code access security, but it will discuss how to enforce a security policy.
Windows has a variety of security zones that restrict what applications and web
sites can do under them. The actual restrictions for these security zones can be
customized to your needs.
The following two methods show how to set the security policy of the temporary
AppDomain so that code within it runs under the Local Intranet security zone.
private void EnforceSecurityPolicy()
PolicyLevel policyLevel = PolicyLevel.CreateAppDomainLevel();
PermissionSet permissionSet = new PermissionSet(PermissionState.None);
condition = new AllMembershipCondition();
statement = new PolicyStatement(permissionSet,
UnionCodeGroup codeGroup = new UnionCodeGroup(condition, statement);
NamedPermissionSet localIntranet = FindNamedPermissionSet(“LocalIntranet”);
condition = new ZoneMembershipCondition(SecurityZone.MyComputer);
statement = new PolicyStatement(localIntranet,
The following code restricts all code on this machine to the Local Intranet per-
missions when running within this AppDomain .
UnionCodeGroup virtualIntranet = new UnionCodeGroup(condition, statement);
virtualIntranet.Name = “Virtual Intranet”;
Add the code group to the policy level.