Re: AddDomain with FullTrust

kurbylogic_at_hotmail.com
Date: 03/04/05

  • Next message: kurbylogic_at_hotmail.com: "Re: Assembly.Load fails after assembly preloaded using Assembly.LoadFrom (v1.1.4322)"
    Date: 4 Mar 2005 07:38:00 -0800
    
    

    The short answer is yes.
    The long answer is that unamanged application can only have "FullTrust"
    or no trust. If the application is permitted to run it is granted full
    trust, depending on the location of the unmanaged application, your OS
    and service pack level the user *might* be prompted to allow the
    application to run, XP SP2 will not even ask the user to run an
    unmanaged application from an untrusted source such as the internet it
    will simply block the applicaiton and preventing it from doing anything
    at all, so as far as "simplifying deployment" you have not found a way
    to bypass the security policy you have only reduced the granularity of
    the permission request, run or do not run. A managed host on the other
    hand can be pre-granted a defined permission set such as full trust
    from a local intranet site in which case the application is not blocked
    nor is the user prompted it just runs, the less permissions your
    application requires the more likely the user will be able to grant the
    application permission to run. If the application requires full trust
    the user can install it on his machine or an administrator can
    pre-grant the assemlby permissions to run from the local intranet.
    However, if the assembly only requires execute permissions the default
    policy will permit the assembly to run from the local intranet without
    any additional steps, confirmation dialogs, or whatever.

    - Kurt


  • Next message: kurbylogic_at_hotmail.com: "Re: Assembly.Load fails after assembly preloaded using Assembly.LoadFrom (v1.1.4322)"