Sandboxing with AppDomain

softwarejaeger

Hello, i want to restrict the file-access for the "IPlugin"-Object (except the same folder where the assembly is in), which i load over my AppDomain from another Assembly (which is in the same bin folder as the host-app). But the "IPlugin"-Instance can write over "finder.PerformAction(null)" everywhere Oo what i'm doing wrong?

   PermissionSet ps = new PermissionSet(PermissionState.None);
        ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        FileIOPermission fP = new FileIOPermission(PermissionState.None);
        fP.AllFiles = FileIOPermissionAccess.NoAccess;
        fP.AddPathList(FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read, Environment.CurrentDirectory);


        ps.AddPermission(fP);
        


            AppDomainSetup ads = new AppDomainSetup();
            ads.ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase;
            AppDomain domain = AppDomain.CreateDomain("Plugins", AppDomain.CurrentDomain.Evidence, ads, ps, CreateStrongName(System.Reflection.Assembly.GetExecutingAssembly()));
            IPlugin finder = (IPlugin)domain.CreateInstanceFromAndUnwrap("MyPluginTest.dll", "MyPluginTest.IPluginTest");
            finder.PerformAction(null);