Re: Security Settings to load Winform using unmanaged code in IE?
From: Steve Lewis (smlewis_at_lordjoe.com)
Date: 11/05/03
- Next message: Bob Cummings: "Re: please help with file access and security issues"
- Previous message: Crirus: "Re: Assambly dll over internet"
- In reply to: Ivan Medvedev [MS]: "Re: Security Settings to load Winform using unmanaged code in IE?"
- Next in thread: Ivan Medvedev [MS]: "Re: Security Settings to load Winform using unmanaged code in IE?"
- Reply: Ivan Medvedev [MS]: "Re: Security Settings to load Winform using unmanaged code in IE?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 5 Nov 2003 06:57:30 -0800
The comment on Assert is important when insecure code is called - My
code DOES Assert privieleges when permissions are required. The
problem is that without adding permissions to LocalIntranet my
assembly will not even load! Until the assembly is loaded there is no
way to assert privileges.
The only permission declared at the assembly level is calling
unmanaged code.
Any other ideas??
"Ivan Medvedev [MS]" <ivanmed@online.microsoft.com> wrote in message news:<u8YkRBwoDHA.708@TK2MSFTNGP10.phx.gbl>...
> Steve -
> the reason it does not work is that the AppDomain stack frame (that is being
> hit by security stackwalk in case of IE host) defined by the html page url
> does not have enough trust. To fix the problem you should Assert() the
> relevant permissions in your assembly before invoking protected code. Some
> more details here:
> http://blogs.gotdotnet.com/shawnfa/PermaLink.aspx/abbe58e7-2ee6-4f77-bcd9-189fcd01e51d
> --Ivan
> http://blogs.gotdotnet.com/ivanmed
> This posting is provided "AS IS" with no warranties, and confers no rights
>
>
> "Steve Lewis" <smlewis@lordjoe.com> wrote in message
> news:973f4e2c.0311040833.5c8f2484@posting.google.com...
> > I have a WinForm that I wish to host in IE. The assembly calls
> > unmanaged code and performs several other actions requiring permission
> > outside the sandbox.
> > I declare AllowPartiallyTrustedCallersAttribute and sign the assembly
> > with a strong name. I create a code group granting the strong name
> > full trust.
> > When I call Assembly.LoadFrom in an application the assembly load and
> > runs properly.
> > When I use an Object Tag to load the assembly from a web page using
> > default intranet permissions, the load fails which is to say the
> > object is not created.
> > When I grant Full Trust to the intranet the load succeeds.
> > I would perfer not to grant such broad trust to a role but am
> > uncertain why the load fails and what is the mimimum permission
> > required to load my assembly.
> > Any help would be appreciated.
- Next message: Bob Cummings: "Re: please help with file access and security issues"
- Previous message: Crirus: "Re: Assambly dll over internet"
- In reply to: Ivan Medvedev [MS]: "Re: Security Settings to load Winform using unmanaged code in IE?"
- Next in thread: Ivan Medvedev [MS]: "Re: Security Settings to load Winform using unmanaged code in IE?"
- Reply: Ivan Medvedev [MS]: "Re: Security Settings to load Winform using unmanaged code in IE?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
