S&box Wiki

Code Accesslist

s&box uses an accesslist to restrict which types and members you can access from your code. This is necessary to prevent access to dangerous functions such as Process.Start, DllImport, or reflection. You can only access types and members that are allowed in the accesslist below.

How it works

After your addon gets compiled the generated assembly will be scanned for all used types. Any call to a type or member that is not allowed explicitly will result in the addon not getting loaded.

Reporting a bug

Since escaping or bypassing the sandbox would result in serious security issues (such as getting infected with malware just by joining servers), please report them properly as described here. Do not report them publicly.

Accesslist

The access list can be viewed by opening the "Sandbox.Access.dll" file found in the "bin/managed" directory.

image.png

The free and popular tool, DotPeek will allow you to explore these C# DLL files. Inside the decompiled DLL file you will find information regarding the access list in the AccessRules and Rules files under the Sandbox namespace.

image.png