Re: running app from network drive

From: Michel Gallant \(MVP\) (neutron_at_istar.ca)
Date: 04/29/03 

Date: Tue, 29 Apr 2003 12:41:53 -0400

Files originating from network shares belong to the "Local Intranet"
zone. It is unwise to enable network shares with broad permissions
(via security config tool Mscorcfg.msc) since network viruses tend
to target open network shares!

For testing purposes, you might want to do something like:
 - create child code group under All_Code | LocalIntranet_Zone
 - Membership Condition ; I recommend Hash since this will only
    allow the exact assembly you deploy; alternatively you can sign
    your assemblies and use the Publisher condition to isolate permissions
    to assemblies signed with your unique certificate. The disadvantage of
    the Hash evidence is that you need to update the setting whenever you
    recompile your assembly
  - assign whatever permission set your assembly needs.

I recommend reading these intro. articles:
   http://msdn.microsoft.com/msdnmag/issues/02/06/rich/default.aspx
   http://msdn.microsoft.com/msdnmag/issues/02/07/NetSmartClients/default.aspx

when you understand these articles, you can tackle the more abstract article:
 "Security in .NET: Enforce Code Access Rights with the Common Language Runtime"
  http://msdn.microsoft.com/msdnmag/issues/01/02/CAS/default.aspx

 - Mitch

"ToddT" <NOturczytj@SPAMmaritz.com> wrote in message
news:3t6tav47snblmv475tpbhjf7bt38sko7to@4ax.com...
> i get a security exception when trying to run my .net app from a
> network file server. i understand that i need to change the
> permissions for the exe and dlls using the .net framework
> configuration util located in administration tools.
>
> i run the config app, add my app to it, but now i am confused as what
> to do next. can somebody help?
>
> also, can this security permission be set during installation? how?
>

Relevant Pages

  • Re: Reason behind implicit FullTrust LinkDemand?
    ... The removal of permissions from the Internet Zone or the ... time to protect the System* assemblies from this attack. ... the security holes are patched. ... The knew the LinkDemand would be a fix. ...
    (microsoft.public.dotnet.security)
  • Re: Okay.. what is going on here .. Security error?
    ... and changed the local intranet permissions setting - ... > against the security policy, and a permission grant is generated. ... > there is a more restrictive policy placed on LocalIntranet assemblies. ...
    (microsoft.public.dotnet.security)
  • Re: .net security vs. windows security
    ... granted the permissions associated with that code-group. ... assemblies being digitally signed with the private ... certificates can figure quite prominently into CAS infrastructure. ... >> Generally speaking Code Access Security, ...
    (microsoft.public.dotnet.security)
  • Re: Confusion about .Net AllowPartiallyTrustedCallers (IE).
    ... To get around the security exceptions that occur; ... The assumption is that strong named assemblies will often have more ... more permissions to perform this task. ... have Full Trust. ...
    (microsoft.public.dotnet.security)
  • Re: running app from network drive
    ... It is unwise to enable network shares with broad permissions ... > to assemblies signed with your unique certificate. ... >> i run the config app, add my app to it, but now i am confused as what ...
    (microsoft.public.dotnet.security)