Where are Assemblies in Sandboxed Solutions Deployed?
This topic describes where and how assemblies in sandboxed solutions are deployed.
Applies to: SharePoint Foundation 2010
The fact that sandboxed solutions cannot deploy files to a file system of servers raises the question of where the assemblies in sandboxed solutions are deployed and persisted.
The Sandbox Solution framework provides a mechanism for executing user-provided code outside of the IIS worker process. The Sandbox Solution framework should not be used as a mechanism for enforcing security boundaries when executing user code. Sandbox Solutions are not supported as a security boundary with user code, especially code of unknown origin. We advise against executing Sandbox Solutions of unknown origins.
The contents of the .package file in a sandboxed solution that is open in Microsoft Visual Studio says that the global assembly cache is the deployment target of assemblies in sandboxed solutions. As this topic makes clear, this is not the case.
Deployment and Persistence of Sandboxed Solutions
The assemblies in a sandboxed solution are included in the solution package (.wsp file), and the package is deployed to the site collection's Solutions Gallery. When a sandboxed solution is accessed for the first time, such as when a user navigates to a page that contains a Web Part from a sandboxed solution, any assemblies in the solution are extracted from the package in the gallery and copied to the file system of the server that is handling the sandboxed request. The location is C:\ProgramData\Microsoft\SharePoint\UCCache. The executable of this service is SPUCHostService.exe. The server that handles the sandboxed request is not necessarily the front-end web server that is handling the initial HTTP request: The Microsoft SharePoint Foundation Sandboxed Code Service can be run on back-end application servers in the farm instead. Because the sandboxed user process (SPUCWorkerProcess.exe) cannot copy anything to the file system, the copying is done by the Microsoft SharePoint Foundation Sandboxed Code Service.
The assemblies of a sandboxed solution do not stay in the file cache perpetually. When the user session that accessed the solution ends, the assemblies stay in the cache for only a short time, and they may be reloaded from there if another user session accesses them. Eventually, if they are not accessed, they are removed in accordance with a proprietary algorithm that takes into account how busy the server is and how much time has gone by since the assemblies were last accessed. If the sandboxed solution is used after that time, the assemblies are extracted again and copied to the UCCache.
Administrators, developers, and third-party code should not add, remove, or load anything from the UCCache. It should only be accessed by the SharePoint infrastructure.