Sandboxed Solutions

SharePoint 2010 adds a new deployment model for SharePoint called Sandboxed Solutions. It is a controlled solution packaging format that offers SharePoint Server Farm owners a way to easily mitigate risk that custom code will cause issues for them. It does this by restricting the API's that can be called and governing resources that can be used. Because of this Sandboxed Solutions provide a solution package that can be easily deployed to a shared server environment. This talk will describe what Sandboxed Solutions are, it will demonstrate how to create them with Visual Studio 2010 and how to deploy and monitor them on SharePoint farms.

Hands-On Labs

  • Sandboxed Solutions Lab

    : The support for sandboxed solutions provides an important new deployment mechanism for SharePoint. With a development methodology that is the same for ‘full’ solutions the key focus point is not on what to build, but on what can be built. In this lab exercise you will construct a basic Web Part that will call into the SharePoint API to retrieve some information. Next it will try and use SPSecurity to try and elevate privileges. The third and last action that is added is an attempt to initiate a HTTP connection to an external site.


  • Introducing Sandboxed Solutions

    Sandboxed Solutions are SharePoint Solution Package files (WSP files) that are limited in what they can do and in the server resources they can use. What they can do is limited using Process Isolation and Code Access Security limited to the SharePoint Site. The resources they can use are limited by process monitoring, logging and log aggregation.

  • Executing Code in the Sandbox

    The Sandboxed Solutions Service provides for a complete isolation system that ensures code running in a sandboxed solution cannot reach out to access information beyond the scope of the deployment. Specifically, sandboxed solutions will not be able to make updates to the SharePoint object model beyond the scope of the SPSite object. Farm level and web application level changes are allowed only for read operations.