ASP.NET Code access security

From: Tim Clamp (TClamp@welcom.com)
Date: 04/09/03 

From: "Tim Clamp" <TClamp@welcom.com>
Date: Wed, 9 Apr 2003 10:37:21 -0700

The error really goes deeper than the Code Access
Security model. It deals with Windows security
permissions on the directory.

The ASPNET_WP runs by default under the ASPNET user,
which has very limited access. By implementing
impersonation, you are changing the account that
ASPNET_WP runs under. This account, which has greater
access, is able to write files to the directory.

I hope this helps!

Tim Clamp
>-----Original Message-----
>I am beginner when it comes to .NET Security.
>
>I understand that we can control the code access
>permissions using CASPOL utility or through mscorcfg.msc
>tool. I wrote an ASP.NET WebForms application that
writes
>to a file in the c: drive. I received an error saying
>access denied when the code attempted to access the C
>drive. So, I set the authentication to Windows and
>Identity-Impersonate to true in the Web.config file.
This
>made it work. I started thinking about the Code Access
>Security. The ASP.NET application belongs to the Code
>Group of "My_Computer_Zone" in the machine level
security
>policy and also the Code Group has permission set to
>FullTrust. Why am I not able to do a File IO operation
>without setting the impersonation to true?
>
>Note: I did not alter the default security policy
settings
>in my machine.
>
>It would be really helpful if somebody could take a
moment
>to answer my question.
>.
>

Relevant Pages

  • RE: Do all three permission classes (Identity Permission, Code Access Permission and Role Based Perm
    ... They are different types of permissions -- I was just grouping them together to distinguish them from role based security permissions, ... You could say that evidence based security is granting, and CAS is the subsystem that does the demanding if that's consistent with the ... I just tend to group the whole system together under the CAS umbrella. ... Do all three permission classes (Identity Permission, Code Access Permission and Role Based Permission) fall under CAS? ...
    (microsoft.public.dotnet.security)
  • Re: turning of the Code Access Security
    ... This property is used by the Code Access Security Policy Tool ... CAUTION Disabling code access security makes the system vulnerable to ... security system, and should only be done with the most extreme caution. ...
    (microsoft.public.dotnet.security)
  • ASP.NET Code access security
    ... I am beginner when it comes to .NET Security. ... permissions using CASPOL utility or through mscorcfg.msc ... I started thinking about the Code Access ... I did not alter the default security policy settings ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Code Access Security
    ... permissions using CASPOL utility or through mscorcfg.msc ... I started thinking about the Code Access ... Group of "My_Computer_Zone" in the machine level security ... I did not alter the default security policy settings ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • ASP.NET - code access security
    ... permissions using CASPOL utility or through mscorcfg.msc ... I started thinking about the Code Access ... Group of "My_Computer_Zone" in the machine level security ... I did not alter the default security policy settings ...
    (microsoft.public.dotnet.framework.aspnet.security)