Strong Name Sandboxed AppDomain and GAC Problem with plugins

G'Day,

I am looking to setup a plugin architecture for a project I am working
on.

My main application is signed, I would like all libraries that I load
in my sandbox AppDomain to all be signed with the same key.

It was all going very well until a requirement of the project was for
these plugins to be stored in the GAC.

It appears that executing an application on the app domain or loading a
dll from disk will throw security exceptions if they are not signed
with the same key. However, GAC loads will occur even if they are
signed with different keys.

Please see the below code example with comments regarding my problem.


Thanks,

Gary





Code Example:

// Create an application domain

AppDomain mxlSandboxDomain = AppDomain.CreateDomain ( "PluginSandbox"
);

PolicyLevel domainPolicy = PolicyLevel.CreateAppDomainLevel ();


// Set the application domain to have a StrongNameMembershipCondition
on the
// public key of the executing assembly

StrongNameMembershipCondition snCodeMC = new
StrongNameMembershipCondition (
new StrongNamePublicKeyBlob (
System.Reflection.Assembly.GetExecutingAssembly ()
.GetName ().GetPublicKey () ), null, null );


// Allow plugins to do anything

PermissionSet fullTrustPermissionSet =
domainPolicy.GetNamedPermissionSet ( "FullTrust" );
PolicyStatement fullTrustPolicyStatement = new PolicyStatement (
fullTrustPermissionSet );
CodeGroup allCodeFulltrustCG = new UnionCodeGroup ( snCodeMC,
fullTrustPolicyStatement );
domainPolicy.RootCodeGroup = allCodeFulltrustCG;


SandboxDomain.SetAppDomainPolicy ( domainPolicy );


// The following line loads fine without throwing a SecurityException
even if RandomDllInGac
// is not signed with the StrongName of the executing assembly.

SandboxDomain.Load ( "RandomDllInGac, Version=1.0.5000.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" );


// The below line will fail because it is not signed

mxlSandboxDomain.ExecuteAssembly ( "myFile.exe" );

.