Re: How to test if my code have "FullTrust" permission?

From: Nicole Calinoiu (nicolec_at_somewhere.net)
Date: 07/07/04


Date: Wed, 7 Jul 2004 08:49:27 -0400


"Lei Jiang" <code@263.net> wrote in message
news:ug0btH2YEHA.228@TK2MSFTNGP10.phx.gbl...
> Yes, it's just what I want.
>
> First thank you all for your replies.
>
> The basic scenario is :
>
> I have a winform control embeded in IE web page and in this control I have
> many things to do : write local files, connect to database, etc. So I'd
> like
> to have the control being "FullTrust"'ed.

Unless your code must call into assemblies that do not permit partially
trusted callers, needing "many" permissions is a far cry from requiring full
trust. Even for locally installed applications, running with full trust is
not recommended (see, for example,
http://msdn.microsoft.com/msdnmag/issues/04/04/SecurityBriefs/default.aspx).
For a browser-hosted control, running with least priviledge is even more
important. I would strongly recommend that you set up appropriate minimum
and optional permission requests for your assembly rather than requiring
that your users run it with full trust.

>
>
> "Nicole Calinoiu" <nicolec@somewhere.net> дϢ
> news:ee$Olh1YEHA.2016@TK2MSFTNGP09.phx.gbl...
>> Niroo,
>>
>> It sounds to me like that's what Lei Jiang was looking for: a way to tell
> if
>> the current assembly has been granted full trust, not a way to tell if
>> any
>> given permission is granted to the entire call stack.
>>
>> Nicole
>>
>>
>> "Niroo" <Niroo@discussions.microsoft.com> wrote in message
>> news:50A50D67-BA06-41FA-BAED-B318806D3FFF@microsoft.com...
>> > This only tells you whether your assembly has been granted the
> permission.
>> > Generally when you do a demand a full stack walk occurs and all calling
>> > assemblies are checked. IsGranted() doesn't check the call chain.
>> >
>> > Niroo
>> >
>> > "Nicole Calinoiu" wrote:
>> >
>> >> The IsGranted method of the System.Security.SecurityManager class is
>> >> probably what you want. e.g.:
>> >>
>> >> bool isFullyTrusted = SecurityManager.IsGranted(new
>> >> SecurityPermission(PermissionState.Unrestricted));
>> >>
>> >> HTH,
>> >> Nicole
>> >>
>> >>
>> >> "Lei Jiang" <code@263.net> wrote in message
>> >> news:uquvtE0YEHA.3156@TK2MSFTNGP12.phx.gbl...
>> >> > It seems there is no method to test if the current code has
> "FullTrust"
>> >> > permission?
>> >> >
>> >> > Thanks!
>> >> >
>> >> >
>> >>
>> >>
>> >>
>>
>>
>
>



Relevant Pages

  • Re: security/strong name/zones clarification needed
    ... control, you may have to override them and do the assert there. ... Does this zone have permission to use custom ... All my assemblies are strong named. ...
    (microsoft.public.dotnet.security)
  • Re: security/strong name/zones clarification needed
    ... Try to add your site to trust sites zone and set permission there to full ... If I house it in a WinForm app and ... if I house the managed control in an HTML page ...
    (microsoft.public.dotnet.security)
  • Re: Security issue running unmanaged code in a win form ctrl hosted in
    ... go to mscorcfg.msc - there you can inspect the policy for the machine - the intranet/internet permission set don't include SecurityPermission/UnmanagedCode ... maybe you should create a custom code group for your control - using a StrongNameMembershipCondition, ... at System.Windows.Forms.AxHost..ctor(String clsid, Int32 flags) ... permission option for assemblies persent in .NET) ...
    (microsoft.public.dotnet.security)
  • Re: Download dependent assemblies for IE hosted control not easy
    ... > and grant the assemblies full rights, I used the method to add a new ... This codegroup is: ... > Full Trust ... >>> I developed a forms-based control to host it in IE. ...
    (microsoft.public.dotnet.security)
  • Re: security/strong name/zones clarification needed
    ... Adding my site to a trusted sites zone or granting Full ... Trust to my URL is not a secure way of doing this. ... >> I have a strongly signed managed control (it simply has ... >> I tried asserting a fulltrust permission set in the ...
    (microsoft.public.dotnet.security)