Architecture for Compiling and Executing C# Code within a MUD Server - wwestlake/Labyrinth GitHub Wiki

Architecture for Compiling and Executing C# Code within a MUD Server

Technical Components:

  1. Roslyn Compiler: Utilize the Roslyn .NET Compiler Platform for dynamic C# code compilation at runtime.
  2. Execution Environment: Implement a secure, sandboxed environment for isolated code execution.
  3. Script Management API: Backend API for managing script lifecycle (upload, compile, execute, delete).
  4. Admin UI Integration: Connect the script management API with the Admin UI for direct interaction.
  5. Security and Restrictions:
    • Sandboxing: Use AppDomains for code isolation.
    • Code Analysis: Pre-execution analysis to block dangerous operations.
    • Permission Sets: Limit accessible namespaces and classes.

Recommendations:

  1. Roslyn Scripting API: Use for secure, sandboxed script execution.
  2. Custom Whitelisting: Only allow specific namespaces/classes.
  3. Time and Memory Limits: Prevent resource abuse with execution limits.
  4. Logging and Auditing: Track script execution for auditing and debugging.
  5. Regular Security Reviews: Update security measures continuously.

This architecture ensures secure, maintainable C# code execution within the MUD server.