Sandboxed Solution Considerations

Sandboxed solutions are a feature in SharePoint 2010/2013 that enables site collection users to upload their own custom code solutions.

A sandboxed SharePoint application runs in a secure, monitored process that has access to a limited part of the Web farm.

Specify the site and security level for debugging

Why Sandboxed Solutions?

In WSS 3.0, solutions could be deployed only to the farm level. This meant that potentially harmful or destabilizing solutions could be deployed that affected the whole Web farm and all of the other site collections and applications that run under it. However, by using sandboxed solutions, you can deploy your solutions to a subarea of the farm, a specific site collection. To provide additional protection, the solution’s assembly is not loaded into the main IIS process (w3wp.exe). Instead, it is loaded into a separate process (SPUCWorkerProcess.exe). This process is monitored and implements quotas and throttling to protect the farm from sandboxed solutions that perform harmful activities, such as running tight loops that consume CPU cycles.

Sandboxed Solution Limitations
When a sandboxed solution is deployed, the array of SharePoint functionality available to it is limited to help reduce any security vulnerabilities it may have. Some of these limitations include the following:
  • Sandboxed solutions have a restricted subset of deployable solution elements available to them. Potentially vulnerable SharePoint project templates, such as site definitions and workflows, are not available.
  • SharePoint runs sandboxed solution code in a process (SPUCWorkerProcess.exe) separate from the main IIS application pool (w3wp.exe) process.
  • Mapped folders cannot be added to the project.
  • Types in the Microsoft SharePoint Server 2010 assembly Microsoft.Office.Server cannot be used in sandboxed solutions. Also, only types in the Microsoft SharePoint Foundation 2010 assembly Microsoft.SharePoint can be used in sandboxed solutions.

It is important to note that specifying a SharePoint solution as a sandboxed solution has no affect on SharePoint server; it only determines how the SharePoint project is deployed to SharePoint from Visual Studio and what assemblies it binds to. It does not affect the generated .wsp file, and the .wsp file has no data that directly correlates to the Sandboxed Solution property.

Capabilities and Elements in Sandboxed Solutions
  • Sandboxed solutions support the following capabilities :
    • List Definitions
    • List Instances
    • Onet.xml
    • WebTemplate feature elements (instead of Webtemp.xml)
    • Content Types/Fields
    • Navigation
    • Module/files
    • Feature callouts
    • Web Parts
    • Support for all Web Parts that derive from System.Web.UI.WebControls.WebParts.WebPart
    • Event receivers
    • SPItemEventReceiver
    • SPListEventReceiver
    • SPWebEventReceiver
    • Custom actions
    • Declarative workflows
  • Sandboxed solutions do not support the following elements:
    • Visual Web Parts
    • Application Pages
    • Custom Action Group
    • HideCustomAction element
    • Web Application-scoped features
    • Farm-scoped features
    • Workflows with code

Enjoy 🙂

See also Differences between Sandboxed and Farm Solutions

One thought on “Sandboxed Solution Considerations

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s