ASP.NET - code access security

From: Vidhya N (vidhyan@yahoo.com)
Date: 04/08/03

  • Next message: John Snyde: "Javascript MD5 vs asp.net MD5" 
    From: "Vidhya N" <vidhyan@yahoo.com>
Date: Tue, 8 Apr 2003 14:16:08 -0700

    I understand that we can control the code access
    permissions using CASPOL utility or through mscorcfg.msc
    tool. I wrote an ASP.NET WebForms application that writes
    to a file in the c: drive. I received an error saying
    access denied when the code attempted to access the C
    drive. So, I set the authentication to Windows and
    Identity-Impersonate to true in the Web.config file. This
    made it work. I started thinking about the Code Access
    Security. The ASP.NET application belongs to the Code
    Group of "My_Computer_Zone" in the machine level security
    policy and also the Code Group has permission set to
    FullTrust. Why am I not able to do a File IO operation
    without setting the impersonation to true?

    Note: I did not alter the default security policy settings
    in my machine.

    It would be really helpful if someone could take a moment
    to answer my question.

  • Next message: John Snyde: "Javascript MD5 vs asp.net MD5"

    Relevant Pages

    • RE: Do all three permission classes (Identity Permission, Code Access Permission and Role Based Perm
      ... They are different types of permissions -- I was just grouping them together to distinguish them from role based security permissions, ... You could say that evidence based security is granting, and CAS is the subsystem that does the demanding if that's consistent with the ... I just tend to group the whole system together under the CAS umbrella. ... Do all three permission classes (Identity Permission, Code Access Permission and Role Based Permission) fall under CAS? ...
      (microsoft.public.dotnet.security)
    • RE: Do all three permission classes (Identity Permission, Code Access Permission and Role Based Perm
      ... Most of the publications I have read have said that permissions fall into three categories: ... only permissions which derive from System.Security.CodeAccessPermission are CAS permissions. ... classify them as a code access permission and an identity permission, since StrongNameIdentityPermission is also a code access security ... Would you consider the Code Access Security policy system to be the system that takes evidence and a security policy ...
      (microsoft.public.dotnet.security)
    • ASP.NET Code access security
      ... The error really goes deeper than the Code Access ... It deals with Windows security ... >permissions using CASPOL utility or through mscorcfg.msc ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • ASP.NET Code access security
      ... I am beginner when it comes to .NET Security. ... permissions using CASPOL utility or through mscorcfg.msc ... I started thinking about the Code Access ... I did not alter the default security policy settings ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Code Access Security
      ... permissions using CASPOL utility or through mscorcfg.msc ... I started thinking about the Code Access ... Group of "My_Computer_Zone" in the machine level security ... I did not alter the default security policy settings ...
      (microsoft.public.dotnet.framework.aspnet.security)