Re: security/strong name/zones clarification needed
From: Mark Levison (firstname.lastname@example.org)
From: "Mark Levison" <email@example.com> Date: Fri, 11 Apr 2003 16:10:13 -0400
> 2) Assert permissions in your control so that the stack walk never makes
> to the app domain.
But doesn't CodeAccessPermission.Assert() require the
SecurityPermissionFlag.Assertion to be set? Which if I check caspol isn't
enabled by default for the internet permission set.
This leads me to the difficult problem. How I can tell if the end-user has
granted our application more than the internet level of trust? It seems
that any call to Demand() for a non-internet permission will fail for the
reasons you and Shawn outline in this thread.
Should I try an Assert on SecurityPermissionFlag.Assertion, then if that
fails just try the normal demand route?
Is there a good set of Examples/Tutorials on using CodeAccessPermissions
with Internet deployed apps? (I'm familiar with the msdn articles by Don
Box, Chris Sells and Jason Clark).
Insecure and having trouble Asserting my self