Re: Security exception

From: Crirus (Crirus@datagroup.ro)
Date: 02/14/03 

From: "Crirus" <Crirus@datagroup.ro>
Date: Fri, 14 Feb 2003 08:34:17 +0200

Thanks for reply
I actualy managed that exception.. In fac all my need was to runa
applet-like control.. with the same rights
I only had some embedded resources that I will extract and use.. and my way
of extracting was not allowed with default set of permissions.. I found a
better way amd all that security exceptions are gone

"Marcelo J. Birnbach" <mbirnbac@online.microsoft.com> wrote in message
news:uHBXDg60CHA.2512@TK2MSFTNGP11...
> Hi Crirus,
>
>
>
> I think I know what's going on with your control. The problem is that your
> assembly is requesting a Permission that is not given by default to the
zone
> your control is loaded from.
>
>
>
> So, the best way to give it to your assembly is by modifying the security
> policy. You can sign your control with some strong name key and update the
> policy to give it the required permission.
>
>
>
> Unfortunately this is not enough... When IE hosts managed controls creates
> an AppDomain that receives the permission given by policy to the zone the
> page comes from. So, even if you give FullTrust to your control, the
> security engine will begin a stack walk for every demand and it will fail
> because the IE AppDomain doesn't have the demanded permission. Here is a
> checklist to avoid that problem (and mostly anyone related to IE and
> security):
>
>
>
> The following applies to a managed user control intended to execute with
> greater permissions than would normally be granted to the zone the
assembly
> belongs to, most likely either Internet, Local Intranet or Trusted Sites.
>
>
>
> Check list:
>
>
>
> 1.. The user control assembly is identifiable in a manner that can be
used
> to set the membership condition in a code group either using the .NET
> Configuration Tool (Mscorcfg.msc) or caspol.exe. Signing using a strong
> name or a certificate is preferable, but other sources of identity such as
a
> URL or site can also be used.
> 2.. If strong named, the user control has the
> AllowedPartiallyTrustedCallers attribute.
> 3.. The user control asserts permissions it requires which the zone in
> which it is running would not normally be granted.
> 4.. The user control RevertAsserts immediately after performing asserted
> actions.
> 5.. The user control is hosted in an IIS folder on the server that has
an
> "execute permission" of either "none" or "scripts only".
> 6.. The client has a code group that the assembly resolves to that
grants
> the permissions the assembly requires.
> 7.. In Internet Explorer, Internet Options, Advanced Security settings,
> the "Do not save encrypted pages to disk" should be unchecked if hardening
> is in effect on server. By default, hardening will be enabled on Windows
> Server 2003. The hardening functionality is found in Control Panel, Add
or
> Remove Programs, Add/Remove Windows Components, Internet Explorer Enhanced
> Security Configuration.
> 8.. The client machine has a runtime version compatible with the version
> the assembly was compiled with.
> 9.. The code group created for the user control is in the runtime the
> control uses.
> If problems occur, the Fusionbinderror log in "C:\Documents and
> Settings\<username>\Local Settings\Temporary Internet Files" may indicate
> what did not work. However, the log will need to be copied to another
> folder to be opened.
>
>
>
>
>
> "Crirus" <Crirus@datagroup.ro> wrote in message
> news:Ocjgo9dwCHA.1928@TK2MSFTNGP10...
> > That's why I post here, because I have no ideea what is all this
> > PermisionsAttribute about
> >
> >
> >
> > "Phil Wilson" <phil.wilson@unisys.spamcom> wrote in message
> > news:#HevykZwCHA.2516@TK2MSFTNGP09...
> > > The documentation implies that a .NET ActiveX control needs to set the
> > UnmanagedCode property:
> > > Quote:
> > >
> > > "Running an ActiveX control requires unmanaged code permission, which
is
> > set with the
> > > SecurityPermissionAttribute.UnmanagedCode property. For more
information
> > about security and
> > > unmanaged code permission, see SecurityPermissionAttribute class. "
> > >
> > > "Crirus" <Crirus@datagroup.ro> wrote in message
> > news:eCvnYkIwCHA.1636@TK2MSFTNGP12...
> > > > Hello again.
> > > >
> > > > Noone have some suggestions on this topic, please...?
> > > >
> > > > How can I use some pictures in an assemly inder IE.
> > > > I have a userControl embeded in html page and I wand to use some
> > pictures to
> > > > be draw in it.
> > > >
> > > > Crirus
> > > >
> > > >
> > > > "Crirus" <Crirus@datagroup.ro> wrote in message
> > > > news:#63VLXUvCHA.1656@TK2MSFTNGP09...
> > > > > I isolated somehow the code that generate the error:
> > > > >
> > > > > ' Dim bitmapID As Bitmap
> > > > >
> > > > > ' Dim resourceManager = New
resourceManager("Crirus.Gamer.terrain",
> > > > > Me.GetType.Assembly)
> > > > >
> > > > > There is another way on use resources, instead embedding it in
> > assambly? I
> > > > > use the assambly under IE from a server, just like an applet!
> > > > >
> > > > > Crirus
> > > > >
> > > > >
> > > > > "Crirus" <Crirus@datagroup.ro> wrote in message
> > > > > news:OBIRwUTvCHA.1776@TK2MSFTNGP09...
> > > > > > ok!
> > > > > > This is the behaviour:
> > > > > > I browse with IE a server. I got the page from the server with
my
> > > > control
> > > > > > embeded.
> > > > > > When is initialised, I got that security exception:
> > > > > >
> > > > > > If my NET Framework trust zone is set to full trust for my site
> > address,
> > > > > > this error is not raised:
> > > > > > I can push Continue butto, but it's anoing because I really dont
> > need
> > > > > right
> > > > > > on client mashine, just an applet behaviour is what I need
> > > > > >
> > > > > >
> > > > > >
> > > > > > See the end of this message for details on invoking
> > > > > > just-in-time (JIT) debugging instead of this dialog box.
> > > > > >
> > > > > > ************** Exception Text **************
> > > > > > System.Security.SecurityException: Request for the permission of
> > type
> > > > > > System.Security.Permissions.ReflectionPermission, mscorlib,
> > > > > > Version=1.0.3300.0, Culture=neutral,
> PublicKeyToken=b77a5c561934e089
> > > > > failed.
> > > > > > at
> > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet
> > > > > > grantedSet, PermissionSet deniedSet, CodeAccessPermission
demand,
> > > > > > PermissionToken permToken)
> > > > > > at System.Reflection.RuntimeMethodInfo.InternalInvoke(Object
> obj,
> > > > > > BindingFlags invokeAttr, Binder binder, Object[] parameters,
> > CultureInfo
> > > > > > culture, Boolean isBinderDefault, Assembly caller, Boolean
> > verifyAccess)
> > > > > > at System.Reflection.RuntimeMethodInfo.InternalInvoke(Object
> obj,
> > > > > > BindingFlags invokeAttr, Binder binder, Object[] parameters,
> > CultureInfo
> > > > > > culture, Boolean verifyAccess)
> > > > > > at System.Reflection.RuntimeMethodInfo.Invoke(Object obj,
> > > > BindingFlags
> > > > > > invokeAttr, Binder binder, Object[] parameters, CultureInfo
> culture)
> > > > > > at
> > > > Microsoft.VisualBasic.CompilerServices.VBBinder.InvokeMember(String
> > > > > > name, BindingFlags invokeAttr, Type objType, Object target,
> Object[]
> > > > args,
> > > > > > ParameterModifier[] modifiers, CultureInfo culture, String[]
> > > > > > namedParameters)
> > > > > > at
> > Microsoft.VisualBasic.CompilerServices.LateBinding.LateGet(Object
> > > > o,
> > > > > > Type objType, String name, Object[] args, String[] paramnames,
> > Boolean[]
> > > > > > CopyBack)
> > > > > > at Crirus.Gamer.Assault.getPicture(String ImgResName)
> > > > > > at Crirus.Gamer.Assault.Initialize()
> > > > > > at Crirus.Gamer.Assault.HexMap_Load(Object sender, EventArgs
e)
> > > > > > at System.Windows.Forms.UserControl.OnLoad(EventArgs e)
> > > > > > at System.Windows.Forms.UserControl.OnCreateControl()
> > > > > > at System.Windows.Forms.Control.CreateControl(Boolean
> > fIgnoreVisible)
> > > > > > at System.Windows.Forms.Control.CreateControl()
> > > > > > at System.Windows.Forms.Control.WmShowWindow(Message& m)
> > > > > > at System.Windows.Forms.Control.WndProc(Message& m)
> > > > > > at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
> > > > > > at System.Windows.Forms.ContainerControl.WndProc(Message& m)
> > > > > > at System.Windows.Forms.UserControl.WndProc(Message& m)
> > > > > > at
System.Windows.Forms.ControlNativeWindow.OnMessage(Message&
> m)
> > > > > > at
> > > > > >
> > > > >
> > > >
> >
>
System.Windows.Forms.ActiveXImpl.System.Windows.Forms.IWindowTarget.OnMessag
> > > > > > e(Message& m)
> > > > > > at
> > > > > >
> > > > >
> > > >
> >
>
System.Windows.Forms.ActiveXImpl.System.Windows.Forms.IWindowTarget.OnMessag
> > > > > > e(Message& m)
> > > > > > at System.Windows.Forms.ControlNativeWindow.WndProc(Message&
m)
> > > > > > at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd,
> Int32
> > msg,
> > > > > > IntPtr wparam, IntPtr lparam)
> > > > > >
> > > > > >
> > > > > > ************** Loaded Assemblies **************
> > > > > > mscorlib
> > > > > > Assembly Version: 1.0.3300.0
> > > > > > Win32 Version: 1.0.3705.288
> > > > > > CodeBase:
> > > > > >
file:///c:/windows/microsoft.net/framework/v1.0.3705/mscorlib.dll
> > > > > > ----------------------------------------
> > > > > > System
> > > > > > Assembly Version: 1.0.3300.0
> > > > > > Win32 Version: 1.0.3705.288
> > > > > > CodeBase:
> > > > > >
> > > > >
> > > >
> >
>
file:///c:/windows/assembly/gac/system/1.0.3300.0__b77a5c561934e089/system.d
> > > > > > ll
> > > > > > ----------------------------------------
> > > > > > System.Drawing
> > > > > > Assembly Version: 1.0.3300.0
> > > > > > Win32 Version: 1.0.3705.288
> > > > > > CodeBase:
> > > > > >
> > > > >
> > > >
> >
>
file:///c:/windows/assembly/gac/system.drawing/1.0.3300.0__b03f5f7f11d50a3a/
> > > > > > system.drawing.dll
> > > > > > ----------------------------------------
> > > > > > RegexAssembly82_0
> > > > > > Assembly Version: 0.0.0.0
> > > > > > Win32 Version: n/a
> > > > > > CodeBase:
> > > > > > ----------------------------------------
> > > > > > Assault
> > > > > > Assembly Version: 1.0.0.0
> > > > > > Win32 Version: n/a
> > > > > > CodeBase: http://assault/Assault.DLL
> > > > > > ----------------------------------------
> > > > > > System.Windows.Forms
> > > > > > Assembly Version: 1.0.3300.0
> > > > > > Win32 Version: 1.0.3705.288
> > > > > > CodeBase:
> > > > > >
> > > > >
> > > >
> >
>
file:///c:/windows/assembly/gac/system.windows.forms/1.0.3300.0__b77a5c56193
> > > > > > 4e089/system.windows.forms.dll
> > > > > > ----------------------------------------
> > > > > > Microsoft.VisualBasic
> > > > > > Assembly Version: 7.0.3300.0
> > > > > > Win32 Version: 7.00.9502
> > > > > > CodeBase:
> > > > > >
> > > > >
> > > >
> >
>
file:///c:/windows/assembly/gac/microsoft.visualbasic/7.0.3300.0__b03f5f7f11
> > > > > > d50a3a/microsoft.visualbasic.dll
> > > > > > ----------------------------------------
> > > > > > System.Xml
> > > > > > Assembly Version: 1.0.3300.0
> > > > > > Win32 Version: 1.0.3705.288
> > > > > > CodeBase:
> > > > > >
> > > > >
> > > >
> >
>
file:///c:/windows/assembly/gac/system.xml/1.0.3300.0__b77a5c561934e089/syst
> > > > > > em.xml.dll
> > > > > > ----------------------------------------
> > > > > > Accessibility
> > > > > > Assembly Version: 1.0.3300.0
> > > > > > Win32 Version: 1.0.3705.0
> > > > > > CodeBase:
> > > > > >
> > > > >
> > > >
> >
>
file:///c:/windows/assembly/gac/accessibility/1.0.3300.0__b03f5f7f11d50a3a/a
> > > > > > ccessibility.dll
> > > > > > ----------------------------------------
> > > > > >
> > > > > > ************** JIT Debugging **************
> > > > > > To enable just in time (JIT) debugging, the config file for this
> > > > > > application or machine (machine.config) must have the
> > > > > > jitDebugging value set in the system.windows.forms section.
> > > > > > The application must also be compiled with debugging
> > > > > > enabled.
> > > > > >
> > > > > > For example:
> > > > > >
> > > > > > <configuration>
> > > > > > <system.windows.forms jitDebugging="true" />
> > > > > > </configuration>
> > > > > >
> > > > > > When JIT debugging is enabled, any unhandled exception
> > > > > > will be sent to the JIT debugger registered on the machine
> > > > > > rather than being handled by this dialog.
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>