RE: Code Group Question
From: Ivan Medvedev [MS] (ivanmed_at_online.microsoft.com)
Date: 07/10/03
- Next message: Marcello Drewanz: "Re: Extending .NET Cryptography with CAPICOM and P/Invoke"
- Previous message: Ivan Medvedev [MS]: "RE: DES Encryption/Decryption of Word documents"
- In reply to: Scot Curry: "Code Group Question"
- Next in thread: Shawn Farkas [MS]: "RE: Code Group Question"
- Reply: Shawn Farkas [MS]: "RE: Code Group Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 09 Jul 2003 22:12:20 GMT
Scot -
the managed IE control scenario is special in a way the security checks are
done. When the security checks walk the stack on the very top of it they
see a special AppDomain frame, whose security is based on the html page
evidence (url, zone, etc.) rather than your control evidence. To fix the
problem what you probably need is find the methods that are called directly
from the web page script and Assert() an appropriate permission in those
methods.
Hope this helps.
--Ivan
This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: Marcello Drewanz: "Re: Extending .NET Cryptography with CAPICOM and P/Invoke"
- Previous message: Ivan Medvedev [MS]: "RE: DES Encryption/Decryption of Word documents"
- In reply to: Scot Curry: "Code Group Question"
- Next in thread: Shawn Farkas [MS]: "RE: Code Group Question"
- Reply: Shawn Farkas [MS]: "RE: Code Group Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
