I'm researching cs-script and I'm wondering about how secure it is, out of the box. I know a script is loaded and unloaded dynamically, but can that script escape its executing assembly? i.e. can it use reflection to access and instantiate classes from other assemblies in the same process?
So my question is does cs-script come with built-in security by default or does it not bother?
In short: No, CS-script does not provide any security features out of box.
Answered here: https://stackoverflow.com/a/8692459/1657476
The immediate attractive solution is to use .NET Sandbox. It is designed exactly for this sort of scenarios.The CLR standard sandboxing is available for the host application running scripts with CS-Script. The idea is that you initialise CAS before loading the suspicious script and the rest is a CLR responsibility. And if you need to configure directories/files permissions you do it with CAS tools. This way scripting is a "transportation" for the routine provided by your user. And CS-Script is a convenient mechanism for implementing such transport but the actual security concerns are addressed by .NET Sendoxing, which has comprehensive set of functionality to cover practically all possible security scenarios. With CS-script downloadables you can find the Sendboxing sample (\Samples\Sandboxing) which demonstrates how to prevent script from file I/O operations (e.g. create file).
A sample of using .Net Security Credentials with cs-script is available at: http://www.csscript.net/Samples.html (sandbox.zip)
To make execute an untrusted cs-script securely (as isolated as possible), create a new AppDomain with Security restrictions, before loading a script (into the new app domain). Data can then be marshaled between the primary- and script-domains.
See https://msdn.microsoft.com/en-us/library/bb763046%28v=vs.110%29.aspx