Microsoft’s introduction of “Sandboxed Solutions” in SharePoint 2010 has raised a number of questions for developers. Here, SharePoint911 consultant Larry Riemann tries to answer those questions.

SD Times: What is the difference between a WSP that has been built as a Sandbox solution and one that is built as a Farm Solution?
Larry Riemann: Nothing. They are identical (depending on your point of view, there may be a few exceptions, one possible exception is noted below).

Can a solution that has been created as a Sandbox solution be installed as a Farm solution?
Yes (there should not be any problems with this).

Can a solution that has been created as a Farm solution be installed as a Sandbox solution?
Yes, however there are caveats with this (this may not be all of them):
– Features in the solution must be scoped at the Site Collection or Site level
– Any assemblies in the solution must be marked with the AllowPartiallyTrustedCallers attribute
– Any code cannot violate the CAS policy for the User Code Service
– Artifacts in the solution must be allowed in Sandbox

In other words, it functionally has to be a Sandboxable solution.

Will the Default SharePoint Solution Validator for Sandbox solutions check you solution to make sure it is Sandbox-safe?
No, the default validator does not do anything (at least that I can tell), and you will get various types of runtime errors if items in the solution violate the Sandbox. Some of those exceptions will occur during activation, and others when executing or rending an artifact.

What does marking a Visual Studio SharePoint solution as a Sandbox solution really do?

It tells Visual Studio a couple of things:
– Where to deploy the solution (i.e. the farm or the site collection solution store)
– Marks assemblies to allow partially trusted callers
(NOTE: If your solution contains assemblies, this could be the one difference between a solution created as a Sandbox Solution and as Farm Solution. You can mark assemblies in a Farm Solution to allow partially trusted calls, also.)
– Tells Visual Studio to restrict IntelliSense to only SharePoint APIs that are available in the Sandbox
(NOTE:  Visual Studio is only restricting IntelliSense and not the compiler, so if you copy and paste (or just type) code into a solution, it may very well compile but cause a runtime error when you try to run it in the Sandbox. There is a Visual Studio add-on that will actually restrict the compiler, but it is not part of Visual Studio out of the box.)

Larry Riemann is a consultant with SharePoint911.