The IronPython team just announced their v1.0 beta 7 release , which is especially interesting to me because they’ve enabled IronPython to be signed with a test key signature. Beta 7 has four configurations, the standard Release and Debug along with...

One trap that catches a lot of people new to the simple sandboxing API is that the API will throw an InvalidOperationException if the AppDomainSetup parameter does not contain an ApplicationBase, saying "This API requires the ApplicationBase to be specified...

We've looked at how the CLR supports mapping a custom zone to the Internet zone and how you can modify the SSCLI to handle whatever zone mapping policy you want , but if you want richer mapping than is built in and don't want to run on a custom SSCLI...

My previous post is begging the question "so what is the SSCLI's zone mapping policy?" It's actually quite simple, the source for SecurityPolicy::QuickGetZone in clr\src\vm\securitypolicy.cpp shows that SSCLI maps a URL to: NoZone if the URL...

On the topic of zones and the CLR ... Windows lets you define custom zones outside of the standard ones that the CLR knows about (see MSDN's topic on Security Zones for more information). However, because the CLR doesn't know about them, generally...

This week, I've had three separate cases where people have wondered why the CLR was assigning seemingly incorrect zone evidence to their assembly, causing their permission sets to be less than what was expected. The quick and dirty answer is that the...

One of the common problems that people run into when setting up simple sandbox domains in their application is that any call through to Assembly.LoadFrom results in a FileIOPermission demand for read access to the assembly in question. Generally, the...