Re: Is it secure to not refuse permissions in a non-referenced assembly?

From: Shel Blauman [MSFT] (sheldonb_at_online.microsoft.com)
Date: 09/11/03

  • Next message: Eugene V. Bobukh [MS]: "Re: Is it secure to not refuse permissions in a non-referenced assembly?" 
    Date: Thu, 11 Sep 2003 12:56:31 -0700

    You could do a PermitOnly on the permissions your assembly uses. That
    implicitly denies the permissions it does not require.

    Shel 

    -- 
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Keith Patrick" <richard_keith_patrick@hotmail.com> wrote in message
news:%234Kz0rJeDHA.3024@tk2msftngp13.phx.gbl...
> If I want to refuse all unnecessary permissions, should I add references
to
> those permissions that aren't even referenced in my project?  I know the
> idea is to be able to permview an assembly and know that it can't, for
> instance, query a database, but if I do not reference the assembly that
> would allow that, I would think that I can prove that my app doesn't query
a
> DB just by looking at its referenced assemblies.  On the other hand, I
> realize that I could conceivably load the assembly dynamically and invoke
a
> method call that way.  But if that is true, then I would have to add
> references to several assemblies I don't use just to refuse all 19
built-in
> permissions.
>
>
  • Next message: Eugene V. Bobukh [MS]: "Re: Is it secure to not refuse permissions in a non-referenced assembly?"

    Relevant Pages

    • Re: Reason behind implicit FullTrust LinkDemand?
      ... The removal of permissions from the Internet Zone or the ... time to protect the System* assemblies from this attack. ... the security holes are patched. ... The knew the LinkDemand would be a fix. ...
      (microsoft.public.dotnet.security)
    • Reason behind implicit FullTrust LinkDemand?
      ... The .NET Framework assemblies ... One may counter argue that the implicit FullTrust ... LinkDemand just forces users to grant full trust to code that doesn't really ... permissions describing custom actions allowed or not in the system. ...
      (microsoft.public.dotnet.security)
    • Re: security/strong name/zones clarification needed
      ... Was this also true in the Intranet Zone? ... >child code-group with full permissions granted to any ... >> needs to host the CLR, it creates an AppDomain, but due ... All my assemblies are strong named. ...
      (microsoft.public.dotnet.security)
    • Re: security/strong name/zones clarification needed
      ... several but not publicly documented) about child code-group permissions ... a strong-name, or Authenticode signature evidence. ... This problem would also crop up in the AppDomain case also. ... All my assemblies are strong named. ...
      (microsoft.public.dotnet.security)
    • Re: security/strong name/zones clarification needed
      ... > this AppDomain needs to be setup before your assembly can be loaded, ... > Your assembly will have enough permissions, ... When the call stack is initiated, ... All my assemblies are strong named. ...
      (microsoft.public.dotnet.security)