RE: Assembly loaded from URL needs to read registry - but can't

From: Shawn Farkas [MS] (shawnfa_at_online.microsoft.com)
Date: 02/26/05 

Date: Sat, 26 Feb 2005 01:41:55 GMT

You can also check out:
http://blogs.msdn.com/shawnfa/archive/2003/06/20/57023.aspx for some
suggestions on implementing the strong name method.

-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.
 

Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
> Thread-Topic: Assembly loaded from URL needs to read registry - but can't
> thread-index: AcUbBLIFgoAdXMD9SBqHeglvditWfA==
> X-WBNR-Posting-Host: 202.130.192.170
> From: "=?Utf-8?B?SmFuIFBldHJhcw==?=" <JanPetras@discussions.microsoft.com>
> References: <OVUPsPtGFHA.3612@TK2MSFTNGP09.phx.gbl>
> Subject: RE: Assembly loaded from URL needs to read registry - but can't
> Date: Thu, 24 Feb 2005 22:39:03 -0800
> Lines: 64
> Message-ID: <682A7213-2A24-4A96-BA34-19850603F5BB@microsoft.com>
> MIME-Version: 1.0
> Content-Type: text/plain;
> charset="Utf-8"
> Content-Transfer-Encoding: 7bit
> X-Newsreader: Microsoft CDO for Windows 2000
> Content-Class: urn:content-classes:message
> Importance: normal
> Priority: normal
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> Newsgroups: microsoft.public.dotnet.security
> NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29
> Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGXA
03.phx.gbl
> Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.security:9232
> X-Tomcat-NG: microsoft.public.dotnet.security
>
> What I would do is that I would modify enterprise policy on the server to
> indicate that any code comming from \\yourserver\yourdirectorywithdlls\*
is
> FullTrust. Then, don't worry about creating evidence and all that. Or,
sign
> the assemblies with your public key and modify enterprise policy that any
> assembly signed with code with that public key is of "Full Trust" level...
>
> Generally, play around with caspol.exe (or MMC snapin) to get what you
need.
> There may be other solutions as well, I would try this first.
>
> Regards,
> JnP76
>
>
> "gkelly" wrote:
>
> > I have a set of applications that use a common assembly library.
> >
> > AppA, AppB and AppC all use LibA and LibB
> >
> > These will run on about 25 computers.
> >
> > AppA and LibA need to read registry to determine database connect
string to
> > use and other misc config stuff
> >
> > For a while anyway, all code will be updated periodically. So, I
decided
> > place code on our web server.
> >
> > Instead of AppA and AppB being "Windows Applications" I changed them to
> > Class Libraries.
> >
> > I created a Launcher App that will use Assembly.LoadFrom to load from a
url
> > like http://server/applib/AppA.dll
> >
> > However, since code loaded this way runs in a different context I get
an
> > error error such as:
> >
> > Request for the permission of type
> > System.Security.Permissions.RegistryPermission failed..
> >
> > I have read about this and somewhat understand the issues involved.
> >
> > Question: Is there a "simple" way to load a dll from a URL and have it
run
> > with the same permission as code that was
> > loaded locally?
> >
> > I thought the following would work, but it doesnt. Same error happens.
 So,
> > obviously my understanding is very limited.
> >
> > Evidence ev = new Evidence();
> > ev.Merge( AppDomain.CurrentDomain.Evidence );
> > ev.AddHost( new Zone( SecurityZone.MyComputer ));
> > Assembly v_assembly = Assembly.LoadFrom(
"http://server/applib/AppA.dll",
> > ev );
> >
> > when creating an object instance from this assembly it still can't read
the
> > registry. I "thought" this would load the assembly so that's
> > it's code would run with same permissions as the launcher. It doesn't.
> >
> > Any help would be appreciated.
> >
> > gkelly
> >
> >
> >
>

Relevant Pages

  • Re: Assembly loaded from URL needs to read registry - but cant
    ... > AppA, AppB and AppC all use LibA and LibB ... > I created a Launcher App that will use Assembly.LoadFrom to load from a ... > with the same permission as code that was ...
    (microsoft.public.dotnet.security)
  • Re: security/strong name/zones clarification needed
    ... Does the Assert code go in its ... >>this AppDomain needs to be setup before your assembly can ... >>will recieve the permission grant you expect (in this ... All my assemblies are strong named. ...
    (microsoft.public.dotnet.security)
  • Re: assembly doesn permit partially trustets calls
    ... To mitigate the risk, think very carefully about the permissions that you assign to the application running on the file share so that it permits exactly and only the request to satisfy the permission demand, block everything else. ... we can give all the assemblies in the ... Microsoft Online Community Support ...
    (microsoft.public.dotnet.framework)
  • Re: security/strong name/zones clarification needed
    ... Does the Assert code go in its ... >this AppDomain needs to be setup before your assembly can ... >will recieve the permission grant you expect (in this ... All my assemblies are strong named. ...
    (microsoft.public.dotnet.security)
  • Re: security/strong name/zones clarification needed
    ... Dim zz As New System.Security.PermissionSet ... >> When assemblies are ... >>>needs to host the CLR, it creates an AppDomain, but due ... >>>will recieve the permission grant you expect (in this ...
    (microsoft.public.dotnet.security)