Cannot add a new code group under localintranet_zone programmatically

From: surya (suryanarayanan.varadarajan_at_honeywell.com)
Date: 02/26/04

  • Next message: Novice: "RE: Do all three permission classes (Identity Permission, Code Access Permission and Role Based Permission) fall under CAS?" 
    Date: Thu, 26 Feb 2004 19:48:55 +0530

    Hi,

    I am trying to add a new code group under the localintranet_zone code group
    in machine policy. The code goes through but it doesn't update the .Net
    configuration. Howerver if I add a new code group under the ALL Code group
    under machine policy it works. Have any of you faced this problem?

    The code I am using is:

    System.Collections.IEnumerator enu =
    System.Security.SecurityManager.PolicyHierarchy();

    while(enu.MoveNext())

    {

    polLevel = enu.Current as System.Security.Policy.PolicyLevel;

    if(polLevel.Label.Equals("Machine"))

    {

    System.Security.Policy.CodeGroup allCodeGroup = polLevel.RootCodeGroup;

    System.Collections.IList listOfCodeGroups = allCodeGroup.Children;

    for(int i =0; i <listOfCodeGroups.Count; i++)

    {

        System.Security.Policy.CodeGroup curCodeGroup = listOfCodeGroups[i] as

        System.Security.Policy.CodeGroup;

        if(curCodeGroup.Name.Equals("LocalIntranet_Zone"))

        {

            byte[] publickey = { 129, 164, 169, 143, 72, 151, 76, 171, 134, 74,
    103, 42, 135, 222, 191, 57, 137, 126, 221, 171, 237, 50, 18, 50, 195, 127,
    51, 8, 73, 71, 101, 202, 171, 67, 37, 89, 13, 119, 145,
    119, 246, 102, 64, 255, 236};

            System.Security.Permissions.StrongNamePublicKeyBlob publickeyblob =

            new System.Security.Permissions.StrongNamePublicKeyBlob (publickey);

            System.Security.Policy.IMembershipCondition memCon =

            new
    System.Security.Policy.StrongNameMembershipCondition(publickeyblob,"Storage"
    ,null);

            System.Security.PermissionSet ps =
    polLevel.GetNamedPermissionSet("FullTrust");

            System.Security.Policy.PolicyStatement statement = new
    System.Security.Policy.PolicyStatement(ps,System.Security.Policy.PolicyState
    mentAttribute.LevelFinal);

            System.Security.Policy.UnionCodeGroup myTestCodeGroup =

            new System.Security.Policy.UnionCodeGroup(memCon,statement);

            myTestCodeGroup.Description = "This code group identifies all
    storage assemblies";

            myTestCodeGroup.Name = "Storage";

            curCodeGroup.AddChild(myTestCodeGroup);

            System.Security.SecurityManager.SavePolicy();

            break;

        }

     }
    }

  • Next message: Novice: "RE: Do all three permission classes (Identity Permission, Code Access Permission and Role Based Permission) fall under CAS?"

    Relevant Pages

    • RE: Cannot add a new code group under localintranet_zone programmatically
      ... accomplish what you're trying to do, you first have to remove the intranet code group, then add your modified copy back into the policy. ... >X-Newsreader: Microsoft Outlook Express 6.00.2800.1158 ... >under machine policy it works. ...
      (microsoft.public.dotnet.security)
    • Re: Client side controls in IE not working as expected
      ... I get the following code group list ... I added a new group 'MyCodeGroup' under Machine Policy and set the ... My assembly has references to other assemblies but all of them ... > assembly belongs to, ...
      (microsoft.public.dotnet.framework.windowsforms)