Re: Windows Form Socket Permission

From: Adam (adamf81_at_yahoo.co.uk)
Date: 05/18/04

  • Next message: anonymous: "Application security" 
    Date: 18 May 2004 03:03:59 -0700

    Hi Shawn,

    Thanks for your reply.

    I was stupidly setting the permissions on the server, not the my local
    machine. I gave the code full trust access under Machine Code groups
    and its seems to work. This isn't ideal though, the control is to be
    used by home users, so it's not ideal to mess around with code access
    levels.

    I've had a look at your blog (but I'm as thick as bricks), and I've
    seen that you've mentioned that it may be possible to use a custom
    security object to grant code permssions. Would you know of any
    examples to grant access rights within the control? The control uses
    an sockets connection to a server other than the one it came from. Is
    there any other alternatives to this?

    Cheers,

    Adam

    shawnfa@online.microsoft.com ("Shawn Farkas") wrote in message news:<jgJXCgFPEHA.308@cpmsftngxa10.phx.gbl>...
    > Hi Adam,
    >
    > The .NET security policy is split into four levels: Enterprise, Machine, User, and AppDomain. By default all the policy is on the machine
    > level and all others are set to give all code FullTrust. When evaluating the policy, the CLR evaluates each of the four levels and intersects them
    > together. This means that by default, the enterprise level can only restrict permissions, not grant new ones. To start with, I'd add a code group on
    > the machine level that trusts your code.
    > The second problem you're having involves trusting code that runs in IE. I've written a blog entry that explains that problem in more detail
    > and gives some solutions: http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx
    >
    > -Shawn
    > http://blogs.msdn.com/shawnfa
    >
    > --
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    > Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they
    > originated.
    > --------------------
    > >From: adamf81@yahoo.co.uk (Adam)
    > >Newsgroups: microsoft.public.dotnet.security
    > >Subject: Windows Form Socket Permission
    > >Date: 17 May 2004 08:01:30 -0700
    > >Organization: http://groups.google.com
    > >Lines: 25
    > >Message-ID: <95c6c7da.0405170701.4036f06@posting.google.com>
    > >NNTP-Posting-Host: 193.227.201.254
    > >Content-Type: text/plain; charset=ISO-8859-1
    > >Content-Transfer-Encoding: 8bit
    > >X-Trace: posting.google.com 1084806090 3209 127.0.0.1 (17 May 2004 15:01:30 GMT)
    > >X-Complaints-To: groups-abuse@google.com
    > >NNTP-Posting-Date: Mon, 17 May 2004 15:01:30 +0000 (UTC)
    > >Path: cpmsftngxa10.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!news-out.cwix.com!newsfeed.cwix.com!
    > border1.nntp.dca.giganews.com!nntp.giganews.com!news.glorb.com!postnews1.google.com!not-for-mail
    > >Xref: cpmsftngxa10.phx.gbl microsoft.public.dotnet.security:6118
    > >X-Tomcat-NG: microsoft.public.dotnet.security
    > >
    > >Hi,
    > >
    > >I've got a windows form control running in a HTML page located on a
    > >web server. When the page is accessed through IE the control sends a
    > >message to another server using sockets when a button is clicked. The
    > >problems is that I get an error box saying:
    > >
    > >"The application attempted to perform an operation not allowed by the
    > >security policy......To grant this application the required
    > >permission......use the Microsoft .NET security policy administration
    > >tool."
    > >
    > >.
    > >.
    > >.
    > >
    > >Request for the permission of type System.Net.SocketPermission,
    > >System, Version=1.0.5000.0 ............."
    > >
    > >As I understand it I have to grant the controls' dll permissions to
    > >run sockets code through the .NET configuration tool. At the moment
    > >I've done this for Enterprise,All Code,Trust all code, but still
    > >receieve the same message.
    > >
    > >Where am I going wrong?
    > >

  • Next message: anonymous: "Application security"
    Loading