Re: Medium Level Trust and Reflection
From: Paul Hatcher (phatcher_at_spamless.cix.co.uk)
Date: 02/26/05
- Next message: Henning Krause [MVP]: "Re: Compile assembly in runtime and execute in sandbox"
- Previous message: Shawn Farkas [MS]: "Re: Medium Level Trust and Reflection"
- In reply to: Shawn Farkas [MS]: "Re: Medium Level Trust and Reflection"
- Next in thread: Nicole Calinoiu: "Re: Medium Level Trust and Reflection"
- Reply: Nicole Calinoiu: "Re: Medium Level Trust and Reflection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 26 Feb 2005 08:47:24 -0000
Shawn
This is an open-source project (NHibernate) so I want to have reasonably
nice error messages, saying that it doesn't have Reflection permission early
on, rather than waiting until the functionality is invoked.
BTW Why does asserting that I can carry out an operation a higher level
security clearance?
Paul
""Shawn Farkas [MS]"" <shawnfa@online.microsoft.com> wrote in message
news:F1BGzV6GFHA.2164@TK2MSFTNGXA02.phx.gbl...
> Hi Paul,
>
> Looks correct to me :-) Although you won't need Assertion permission if
> you go route b, since, if I understand your scenario correctly, you no
> longer will need to Assert any permissions.
>
> -Shawn
> http://blogs.msdn.com/shawnfa
> --
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> Note:
> For the benefit of the community-at-large, all responses to this message
> are best directed to the newsgroup/thread from which they originated.
> --------------------
> > From: "Paul Hatcher" <phatcher@spamless.cix.co.uk>
> > References: <Oy8Y4M1GFHA.2744@tk2msftngp13.phx.gbl>
> <u3y8$I4GFHA.3352@TK2MSFTNGP10.phx.gbl>
> <#1XfeZ4GFHA.3088@tk2msftngp13.phx.gbl>
> <#zmyks4GFHA.576@TK2MSFTNGP15.phx.gbl>
> <#VfQqN5GFHA.3272@TK2MSFTNGP10.phx.gbl>
> > Subject: Re: Medium Level Trust and Reflection
> > Date: Sat, 26 Feb 2005 00:54:08 -0000
> > Lines: 77
> > X-Priority: 3
> > X-MSMail-Priority: Normal
> > X-Newsreader: Microsoft Outlook Express 6.00.3790.224
> > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.224
> > Message-ID: <#vGgt25GFHA.2860@TK2MSFTNGP12.phx.gbl>
> > Newsgroups: microsoft.public.dotnet.security
> > NNTP-Posting-Host: lan2.phatch.adsl.alcom.co.uk 212.47.82.102
> > Path:
>
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP1
> 2.phx.gbl
> > Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.security:9248
> > X-Tomcat-NG: microsoft.public.dotnet.security
> >
> > Is this correct...
> >
> > 1. Assert the Reflection permission declaratively in the code.
> > a.. Place the assembly in the GAC
> > or
> > b. Modify the web_mediumtrust.config to grant Assertion and Reflect
> > permission based on the strong name
> >
> > Paul
> >
> >
> > "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
wrote
> > in message news:#VfQqN5GFHA.3272@TK2MSFTNGP10.phx.gbl...
> > > That's pretty much what I thought. I wasn't sure if the code he was
> > calling
> > > that demanded the Reflection permission did a full demand or not, so I
> > > thought he should probably know about Assert as well, just in case.
> > >
> > > Thanks!
> > >
> > > Joe K.
> > >
> > > "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in
> message
> > > news:%23zmyks4GFHA.576@TK2MSFTNGP15.phx.gbl...
> > > > Depends on whether the code that's being called makes a link demand
or
> > > > full demand. If it's a full demand, then an assertion will be
> required,
> > > > but assertion permission can be acquired by the same means as
> reflection
> > > > permission.
> > > >
> > > >
> > > > "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
> > wrote
> > > > in message news:%231XfeZ4GFHA.3088@tk2msftngp13.phx.gbl...
> > > >> Won't he need to assert the permissions he's using to if he wants
to
> > > >> prevent a stack walk? That would apply in either situation (GAC or
> > > >> non-GAC) if his assembly had permissions that the rest of the
> > application
> > > >> did not by default, right?
> > > >>
> > > >> Joe K.
> > > >>
> > > >> "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in
> > message
> > > >> news:u3y8$I4GFHA.3352@TK2MSFTNGP10.phx.gbl...
> > > >>> Have you tried adding it to the GAC? Did it work? If so, would
you
> > > >>> stiff
> > > >>> prefer an alternate approach? For example, you might try to alter
> the
> > > >>> web_mediumtrust.config to grant additional permissions to your
> > assembly
> > > >>> based on its
> > > >>> strong name.
> > > >>>
> > > >>>
> > > >>> "Paul Hatcher" <phatcher@spamless.cix.co.uk> wrote in message
> > > >>> news:Oy8Y4M1GFHA.2744@tk2msftngp13.phx.gbl...
> > > >>>> Is there any way of granting a specific assembly Reflection
> > permission
> > > >>>> when
> > > >>>> the web server is set to Medium level trust? The assembly is
> signed
> > > >>>> and
> > > >>>> may
> > > >>>> be placed in the GAC if necessary
> > > >>>>
> > > >>>> Paul
> > > >>>>
> > > >>>>
> > > >>>
> > > >>>
> > > >>>
> > > >>
> > > >>
> > > >
> > > >
> > >
> > >
> >
> >
> >
>
- Next message: Henning Krause [MVP]: "Re: Compile assembly in runtime and execute in sandbox"
- Previous message: Shawn Farkas [MS]: "Re: Medium Level Trust and Reflection"
- In reply to: Shawn Farkas [MS]: "Re: Medium Level Trust and Reflection"
- Next in thread: Nicole Calinoiu: "Re: Medium Level Trust and Reflection"
- Reply: Nicole Calinoiu: "Re: Medium Level Trust and Reflection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
