How Should Clients trust Strong Named Assemblies?

molloyr_at_nortel.com
Date: 07/06/05


Date: 6 Jul 2005 08:39:48 -0700

Hi
I've been banging my head against a wall on this one for the last few
weeks.....

Basically we have an exe and about 12 dlls on the web server.
We want to run them using ClickOnce smart client technology.

I created a code group, (whose parent is 'Internet') at the machine
policy level which gives full trust to assemblies which are signed with
our private key.

I then created a deployment package and rolled it out to all our
clients.

Once I deploy the msi to client machines the Internet zone now has full
trust, as does Local Intranet and Trusted Sites zones.

Couple of questions;

1) Should this new rolled out security policy now allow any user of
that machine to run those strong named assemblies. We have found that
the user needs to have local admin OR Domain Admin rights before the
assembly will download and run??
Does it totally depend on what the assembly is doing - e.g if we are
writing to the event log does granting the assembly full trust
facilitate this or does the user ALSO need admin rights to write to the
event log.

2) We have a 3rd party dll signed with a different strong name and yet
it still runs (once the user is an admin).
I'm not convinced that our new code group is getting evaluated at all -
I think that the Internet zone (parent) which now has full trust is
allowing anything from the the Internet zone to run.
What I want to happen is for CAS to evaluate my Assembly and allow it
to run IF a) its coming from the internet zone AND b) it has been
signed with our private key.
At the moment I only think a) is being evaluated.

Any help greatly appreciated.....



Relevant Pages

  • Re: How Should Clients trust Strong Named Assemblies?
    ... ClickOnce does not use CAS policy. ... > that machine to run those strong named assemblies. ... > the user needs to have local admin OR Domain Admin rights before the ... > I think that the Internet zone which now has full trust is ...
    (microsoft.public.dotnet.security)
  • Re: How Should Clients trust Strong Named Assemblies?
    ... > Once I deploy the msi to client machines the Internet zone now has full ... > trust, as does Local Intranet and Trusted Sites zones. ... admin rights should not be necessary. ... Your new code group is getting evaluated. ...
    (microsoft.public.dotnet.security)
  • RE: Security problems in .Net web application
    ... Reason is that your evidence shows that you are running in a zone called ... The internet zone has limited capabilities; ... To make this work on your box, you need to set full trust to ... zone allowing FullThrust to assemblies exposing your strongname key. ...
    (microsoft.public.dotnet.security)
  • Re: Confusion about .Net AllowPartiallyTrustedCallers (IE).
    ... To get around the security exceptions that occur; ... The assumption is that strong named assemblies will often have more ... more permissions to perform this task. ... have Full Trust. ...
    (microsoft.public.dotnet.security)
  • Re: Tightening the default CAS policy
    ... years now) that Full Trust is a very bad idea, and that we need to move ... partially trusted applications. ... not in itself be sufficient IMHO to increase an assemblies trust permission. ... information and transmits it to some internet site. ...
    (microsoft.public.dotnet.security)