Re: AddDomain with FullTrust

kurbylogic_at_hotmail.com
Date: 03/04/05

  • Next message: kurbylogic_at_hotmail.com: "Re: Assembly.Load fails after assembly preloaded using Assembly.LoadFrom (v1.1.4322)"
    Date: 4 Mar 2005 07:38:00 -0800
    
    

    The short answer is yes.
    The long answer is that unamanged application can only have "FullTrust"
    or no trust. If the application is permitted to run it is granted full
    trust, depending on the location of the unmanaged application, your OS
    and service pack level the user *might* be prompted to allow the
    application to run, XP SP2 will not even ask the user to run an
    unmanaged application from an untrusted source such as the internet it
    will simply block the applicaiton and preventing it from doing anything
    at all, so as far as "simplifying deployment" you have not found a way
    to bypass the security policy you have only reduced the granularity of
    the permission request, run or do not run. A managed host on the other
    hand can be pre-granted a defined permission set such as full trust
    from a local intranet site in which case the application is not blocked
    nor is the user prompted it just runs, the less permissions your
    application requires the more likely the user will be able to grant the
    application permission to run. If the application requires full trust
    the user can install it on his machine or an administrator can
    pre-grant the assemlby permissions to run from the local intranet.
    However, if the assembly only requires execute permissions the default
    policy will permit the assembly to run from the local intranet without
    any additional steps, confirmation dialogs, or whatever.

    - Kurt


  • Next message: kurbylogic_at_hotmail.com: "Re: Assembly.Load fails after assembly preloaded using Assembly.LoadFrom (v1.1.4322)"

    Relevant Pages

    • Re: Hosting, ASP.NET, medium trust level, metafile - Problem!!!
      ... In order to use this Metafile constructor overload, ... permission to run unmanaged code. ... must run at the default medium trust level, one approach might be to use ... > at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Adjusting security setting to run an embedded windows control in IE
      ... Should I connect back to the server only using port 80? ... Changing security permission by the client is not an option ... > AppDomain that it runs your code in, that AppDomain is created based on ... > zone has been given Full Trust). ...
      (microsoft.public.dotnet.security)
    • Re: Code Acceess Security question
      ... Some of the Microsoft code must have full trust to execute, ... With the default settings for My_Computer_Zone the child code groups ... and both have the FullTrust permission ...
      (microsoft.public.dotnet.security)
    • Re: How to test if my code have "FullTrust" permission?
      ... > I have a winform control embeded in IE web page and in this control I have ... Unless your code must call into assemblies that do not permit partially ... running with full trust is ... >> given permission is granted to the entire call stack. ...
      (microsoft.public.dotnet.security)
    • Re: The Poisoning Of The Well
      ... LEOs problem with the gatherings is the slave market at them. ... Rainbow will still have to live down the poisoning of the Rainbow well ... Rather than attacking the constitutional violation the permit has ... A lack of trust on both sides will be harder to mend. ...
      (alt.gathering.rainbow)