RE: .NET Assembly permissions
From: Shawn Farkas [MS] (shawnfa_at_online.microsoft.com)
Date: 02/26/05
- Next message: Shawn Farkas [MS]: "Re: API to access loaded assembly hash"
- Previous message: Shawn Farkas [MS]: "Re: Annoying: You are about to leave secure internet connection"
- In reply to: Nick Goloborodko: ".NET Assembly permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 26 Feb 2005 01:37:41 GMT
If you want the quick fix, then you could do a minimum request for
FullTrust.
[assembly: PermissionSet(SecurityAction.RequestMinimum, Unrestricted=true)]
Which will prevent your assembly from loading if its not going to be fully
trusted; this should work fine by default on the server side. If you're
deploying to the client side, then adding this permission will prevent your
assembly from loading. (More on assembly-level declarative security here:
http://blogs.msdn.com/shawnfa/archive/2004/08/30/222918.aspx).
If this is a client-side control, you'll need to start with the Internet
permission set, which will be quite a few more attributes. (caspol -lp and
then search for the Internet set to get an idea.) At the very least you'll
need:
[assembly: SecurityPermission(SecurityAction.RequestMinimum,
SecurityAction.Execution)]
You could start from there, and then work your way up as you encounter
security exceptions.
-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
> From: Nick Goloborodko <coolbest@paradise.net.nz>
> Subject: .NET Assembly permissions
> Followup-To: microsoft.public.dotnet.framework.aspnet.security
> Reply-To: coolbest@paradise.net.nz
> Date: Mon, 21 Feb 2005 01:49:18 +1300
> Lines: 17
> User-Agent: KNode/0.7.6
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7Bit
> Message-ID: <eU8H#p0FFHA.3384@tk2msftngp13.phx.gbl>
> Newsgroups:
microsoft.public.dotnet.framework.aspnet.security,microsoft.public.dotnet.se
curity
> NNTP-Posting-Host: 202-0-63-3.adsl.paradise.net.nz 202.0.63.3
> Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp1
3.phx.gbl
> Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.security:9157
microsoft.public.dotnet.framework.aspnet.security:13329
> X-Tomcat-NG: microsoft.public.dotnet.security
>
> Hi,
>
> I am in the process of working on ASP.NET web control. Basically the
control
> is just a timer which after a certain timespan posts the page back to
> server. It is now functionally complete, and as good coding practice i ran
> FxCop on the assembly.
>
> Im a relative newbie in .NET, espacially when it comes to subjects like
> security, which previously i just tended to ignore because it was
> non-essential for a functionally complete product.
>
> FxCop complained that Assemblies should declare minimum security. At the
> moment im looking for a quick fix, so what should a security permissions
of
> such assembly be?
>
> Kind regards,
> nick Goloborodko
>
- Next message: Shawn Farkas [MS]: "Re: API to access loaded assembly hash"
- Previous message: Shawn Farkas [MS]: "Re: Annoying: You are about to leave secure internet connection"
- In reply to: Nick Goloborodko: ".NET Assembly permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
