AppDomain Security vs Reflection Emit #6

Closed
RxDave opened this issue Mar 19, 2016 · 1 comment
Owner

RxDave commented Mar 19, 2016

The malicious client example app doesn't work as it used to.

Seems that Reflection Emit is demanding full trust now. Qactive only asserts Reflection permission but apparently that's not enough. Did Emit always demand full trust or did something change in Rx?

Unfortunately, if full trust is required by Rx's Qbservable Provider (the call to Subscribe) then CAS security may be useless here and all of the AppDomain code may be removed.

Alternatively, consider writing a custom Qbservable Provider just like Rx but relaxing the permission set, if possible. Perhaps one way to do this is to ensure that the expression tree is compiled outside of the call to Subscribe and therefore full trust can be asserted? (Note that asserting full trust around the call to Subscribe entirely defeats the purpose of using CAS because it means that the client's entire query will be running with full trust!)

@RxDave RxDave closed this as completed Mar 27, 2016
@RxDave RxDave added the bug label Mar 27, 2016
Owner Author

RxDave commented Mar 27, 2016

Fixed by wrapping Rx's queryable implementation and ensuring that the expression is compiled with full trust but the call to Subscribe is not. I'm using reflection, so it's a fragile solution; however, I've also added a new ISecureQbservable interface that theoretically Rx could adopt (as can custom queryable providers) and then the reflection can be removed.
