[opensource-dev] Client-side scripting in Snowglobe

Frisby, Adam adam at deepthink.com.au
Thu Feb 18 06:06:04 PST 2010


Look into Code Access Security (CAS) in .NET - it is a pretty damn tough security sandbox; every operation that can be called in the default libraries is security rated; everything outside that is weighted based on:
- What it declares itself
- What functions in the Standard Library it calls (can only be as secure as all the functions it calls)
- If it uses native code (automatically 'unsafe')



More information about the opensource-dev mailing list