Our several products allow users to run cBots and install Custom Indicators. In order to protect our users from malware code we run every cBot or Custom Indicator in a sandboxed environment.
cBots and Custom Indicators must declare desired access rights by specifying the AccessRights property of Robot or Indicator attribute.
cBot/Indicator The declared access rights could be a combination of the following access rights:
- None: It will have only access to platform API provided data, it will not be able to access network, files, or anything outside the scope of platform
- FullAccess: The unlimited access rights, it can access network/internet, read/write files, run other executables, etc...
Older versions of cTrader before migrating to .NET (6++) from .NET framework had several other access rights like:
- Registry: Allowed registry access
- File: Allowed file system access
- Internet: Allowed access to internet/network
Those access rights are now obsolete, you can't use them on versions after cTrader 4.2 which the migration from .NET framework to .NET 6 happened.
If your cBot/Indicator uses any of abovementioned obsolete access rights it will still work fine, you only have to change it if you want to use new cTrader 4.2 project style, use FullAccess instead.
None Algorithm doesn’t require any access rights. When such cBot or Custom Indicator will be added to the chart the access rights dialog will not be shown.
Algorithms which declare FullAccess as access rights can use all the power of .NET including import WinApi functions, use the .NET Reflection, creating windows, etc.
Example of several access rights declaration in one indicator:
In case AccessRights.FullAccess is declared, the following dialog will be prompted:
Security Exception If algorithm tries to perform restricted action the Security exception will be thrown.
For example, if cBot tries to read from a text file while it's access rights is set to AccessRights.None, cBot will be stopped and the following message will appear in the log:
Crashed in OnStart with SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=126.96.36.199, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
If you are not going to distribute your algorithms it is recommended to specify AccessRights.FullAccess for all your algorithms.
In such case you will avoid Security Exceptions during the development of your algorithms.
If you are going to distribute your cBots or Custom Indicators over cTDN or other networks it is recommended to specify AccessRights.None.