Re: How to use SecurityAction.RequestMinimum for UnmanagedCode

From: Joe Kaplan (MVP - ADSI) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 03/18/04

    Date: Thu, 18 Mar 2004 10:34:26 -0600
    
    

    It may be the case here that the code in your assembly has rights to run
    unmanaged code based on the strong name you applied to the assembly and the
    modification to local machine policy.

    However, the other thing to remember is that the AppDomain created by IE
    itself will run partially trusted, usually in the intranet zone or internet
    zone. Code in these zones can't call unmanaged code, so the demand for the
    SecurityPermission succeeds in your assembly, but fails when the stack walk
    reaches the AppDomain itself.

    To fix this, you will either need to grant full trust to that particular URL
    (not a good idea from a security perspective), or apply the
    AllowPartiallyTrustedCallersAttribute to your trusted assembly and Assert
    the permission for unmanaged code before making the call. Assert will stop
    the stack walk (assuming you have permission to Assert, which you should
    with Full Trust) and you will be able to make your call. Make sure to call
    RevertAssert as soon as you are done with the unmanaged code call.

    Allowing partially trusted callers and Asserting permissions are "big deal"
    security operations that you should not consider lightly, so make sure it is
    really safe to do what you are doing. You may also consider demanding a
    different permission from the caller to ensure that they have some kind of
    permission to perform the secure operation.

    HTH,

    Joe K.

    "Roy Chastain" <roy@kmsys.com> wrote in message
    news:0m7j501lda0usrohb6g7plob2510481n59@4ax.com...
    > I have solved the problem on the local machine that does the
    > http://server.... I have used a one touch install that gives assemblies
    > signed with our key full trust. (Not exactly elegant, but it works.)
    >
    > The problem is that now the code on the server (the remote object itself)
    > that is in wwwroot/virtualdirectory2/bin is the code that is
    > trying to call unmanaged code. I had expected this to work, because it is
    > local to the system that it is running on? Obviously,
    > framework's concept of local and my concept of local are somewhat
    > different.
    >
    > So, what zone is the remote object running in when it is invoked this way?
    > Is a one touch install to set my security permissions the best way to
    > handle this?
    >
    > Thanks
    >
    > On Wed, 17 Mar 2004 18:22:15 -0300, "Hernan de Lahitte"
    > <hernan@lagash.com> wrote:
    >
    > >Regarding the first part of your question, you can indicate that your
    > >assembly requires Unmanaged Code Access this way:
    > >
    > >[assembly: SecurityPermission(SecurityAction.RequestMinimum, Flags=
    > >SecurityPermissionFlag.UnmanagedCode)]
    > >
    > >This alone won't help if you don't address the whole picture problem.
    > >If you call code from the internet zone like this;
    > >http://server/virtualdirectoyr/application.exe, then you will have to
    > >modify your security policy and use the sandboxing approach as well.
    > >There are a bunch of articles that describe a scenario like this. You
    > >might take a look at this link:
    > >
    > >http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh09.asp?frame=true#c09618429_013
    > >(Sandbox Privileged Code )
    >
    > -------------------------------------------
    > Roy Chastain
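
The sandboxing pattern described in the reply above (AllowPartiallyTrustedCallers, a substitute demand, then Assert and RevertAssert around the native call), as an added C# example that is not part of the original thread. The `SandboxExample` namespace, the `BeepWrapper` class, the choice of `MessageBeep` as the native call and of `UIPermission` as the substitute demand are assumptions made for illustration.

```csharp
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Permissions;

// Allow partially trusted callers (such as the IE-hosted AppDomain)
// to call into this strong-named, fully trusted assembly.
[assembly: AllowPartiallyTrustedCallers]

// From the quoted message: fail to load unless policy grants UnmanagedCode.
[assembly: SecurityPermission(SecurityAction.RequestMinimum,
    Flags = SecurityPermissionFlag.UnmanagedCode)]

namespace SandboxExample // hypothetical name
{
    public sealed class BeepWrapper // hypothetical wrapper class
    {
        private BeepWrapper() { }

        // Keep the P/Invoke private so callers only reach it through Beep().
        [DllImport("user32.dll")]
        private static extern bool MessageBeep(uint type);

        public static bool Beep()
        {
            // Substitute demand: the full stack, including the partially
            // trusted AppDomain, must hold a permission that fits the
            // operation. UIPermission is an assumption for this example.
            new UIPermission(UIPermissionWindow.SafeTopLevelWindows).Demand();

            // Stop the stack walk for UnmanagedCode at this frame.
            // Requires the Assertion flag, which Full Trust includes.
            new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
            try
            {
                // Constant argument: nothing caller-controlled reaches native code.
                return MessageBeep(0);
            }
            finally
            {
                // Remove the assertion as soon as the native call returns,
                // even if it throws.
                CodeAccessPermission.RevertAssert();
            }
        }
    }
}
```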

