cBots and Custom Indicators access rights
Our several products allow users to run cBots and install Custom Indicators. In order to protect our users from malware code we run every cBot or Custom Indicator in a sandboxed AppDomain.
cBots and Custom Indicators must declare desired access rights by specifying the AccessRights property of Robot or Indicator attribute.
[Robot(AccessRights = AccessRights.Internet)] public class SampleSARTrailingStop : Robot
[Indicator(AccessRights = AccessRights.None)] public class SampleEMA : Indicator
The declared access rights could be a combination of the following access rights:
|None||Algorithm doesn’t require any access rights. When such cBot or Custom Indicator will be added to the chart the access rights dialog will not be shown.|
|FileSystem||Access to file system.|
|Internet||Access to Internet or other networks.|
|Registry||Access to windows registry.|
|FullAccess||The unlimited access rights. Algorithms which declare FullAccess as access rights can use all the power of .NET framework including import WinApi functions, use the .NET Reflection, creating windows, etc.|
Example of several access rights declaration in one indicator:
[Indicator(TimeZone = TimeZones.UTC, AccessRights = AccessRights.Internet | AccessRights.Registry)] public class MyIndicator : Indicator
In this case the following dialog will be prompted when indicator is added to the chart:
If algorithm tries to perform restricted action the Security exception will be thrown. For example, if cBot tries to read from a text file while neither AccessRights.FileSystem nor AccessRights.FullAccess are chosen, cBot will be stopped and the following message will appear in the log:
Crashed in OnStart with SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=220.127.116.11, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
If cBot or Custom Indicator doesn’t specify the desired access rights, AccessRights.FullAccess is considered to be chosen.
If you are not going to distribute your algorithms it is recommended to specify AccessRights.FullAccess for all your algorithms. In such case you will avoid Security Exceptions during the development of your algorithms.
If you are going to distribute your cBots or Custom Indicators over cTDN or other networks it is recommended to specify AccessRights.None.