Re: policy files and .Net Configuration tool?
From: Nicole Calinoiu (calinoiu)
Date: 06/12/05
- Previous message: Dominick Baier [DevelopMentor]: "Re: User.IsInRole is always FALSE"
- In reply to: Christian: "Re: policy files and .Net Configuration tool?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 12 Jun 2005 08:29:32 -0400
"Christian" <Christian@discussions.microsoft.com> wrote in message
news:3E57DC04-26E6-443A-B5BD-63A96C758F11@microsoft.com...
> Thanks for clearing that up...
>
> That means that having policy files just make it able to have more
> restrictions on assemblies running in IIS..
>
> I have a scenario where I just want to use CAS to make shure that the
> calling assemblies are signed from me.. This means that I might as well
> just
> use the Configuration tool for this, right!
Not sure about that. Usually one uses StrongNameIdentityPermission (or
PublisherIdentityPermission, depending on what kind of signing you're using)
demands for this. AFAIK, there's no way to set policy to prevent assemblies
without a specified signature from calling into a given assembly.
BTW, if you are thinking about using identity permissions demands for
limiting callers, you should be aware that these are pretty trivially
bypassed by highly/fully trusted code. In v. 1.x of the framework, this
bypass requires deliberate action in most cases, but fully trusted code will
automatically pass all identity permission demands in v. 2.0.
>
> Thangs again Nicole!
> Regards
> Christian
>
> "Nicole Calinoiu" wrote:
>
>> The policy established via the .NET configuration tools specifies the
>> permission grants for all .NET assemblies run on the machine, not just
>> those
>> run via ASP.NET. ASP.NET adds another layer of policy that can be used
>> to
>> further restrict these permission grants. This policy is configured via
>> the
>> "policy files" to which you referred. Since this additional policy layer
>> is
>> applied by ASP.NET, it only affects applications run under ASP.NET.
>>
>>
>>
>> "Christian G." <Christian G.@discussions.microsoft.com> wrote in message
>> news:525A3CE4-4B2B-4193-90D5-937E22A32B13@microsoft.com...
>> > Code Access Security:
>> > Can anybody tell me the different in using "policy files" referenced in
>> > the
>> > web.config file and setting up security in the ".Net Configuration
>> > tool" ?
>> >
>> > Thanks in advance!
>> > Christian
>> >
>>
>>
>>
- Previous message: Dominick Baier [DevelopMentor]: "Re: User.IsInRole is always FALSE"
- In reply to: Christian: "Re: policy files and .Net Configuration tool?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
