Re: CAS Permission Sets

From: Nicole Calinoiu (calinoiu)
Date: 08/12/05


Date: Fri, 12 Aug 2005 07:20:27 -0400


"Jeppe Dige Jespersen" <jdj_@_jdj.dk> wrote in message
news:eIiMWxwnFHA.2472@TK2MSFTNGP15.phx.gbl...
> Hi,
>
> Can someone clarify the difference between the FullTrust and the
> Everything permission sets?

The biggest difference is that FullTrust isn't really set of defined
permissions. Instead, it's essentially a marker that the assembly should
pass any permission demand. On the other hand, Everything is a normal
permission set that defines a list of permissions that happens to contain
essentially all of permissions included in the core .NET Framework, with the
exception of SecurityPermission\SkipVerification. Any additional
permissions that might happen to be installed on the machine (say, a custom
permission that you might create) will not be included in the Everthing
group.

> I know that a FullTrust assembly will not undergo permission checking,

This is not correct. Assemblies with a FullTrust grant are subjected to
permission checking. They simply pass any permission demand (with the
exception of demands for identity permissions in the v. 1.x framework).

> but why give an assembly Everything permissions, when you could omit
> checking altogether with the FullTrust set?

You can't bypass permission verification by granting FullTrust, so this
isn't a good reason for a FullTrust grant. There are, however, several
potentially valid reasons for choosing an Everything grant over a FullTrust
grant, including:

1. You don't want to grant the assembly
SecurityPermission\SkipVerification.

2. You don't want to automatically grant the assembly potentially unknown
custom permissions that might have been installed by other software.

3. You don't want the assembly to pass demands for FullTrust (including the
LinkDemands generated when attempting to call into a strongly named
assembly not marked by AllowPartiallyTrustedCallersAttribute).

That said, there are several "dangerous" permissions included in the
Everything set that you might also want to deny to assemblies that meet any
of these criteria. However, as a built-in permission set, Everything is not
modifiable. Therefore, in practice, one might prefer to assign a custom
permission set that includes a few less permissions than Everything.

>
> Thanks,
> Jeppe D. Jespersen
> Denmark
>
>
>



Relevant Pages

  • Re: Error when executing from a network share
    ... Is there a recommended way to check whether FullTrust (or whatever is ... be that for loading assemblies dynamically you will again need FullTrust. ... Failed to grant minimum permission requests. ... Choose URL as condition type and type the UNC path of your app: ...
    (microsoft.public.dotnet.languages.vc)
  • Re: FullTrust PermissionSet?
    ... Another difference between FullTrust and Everything is the SkipVerification ... >> FullTrust is a special permission set to the .Net Framework. ... FullTrust assemblies will pass every permission ...
    (microsoft.public.dotnet.security)
  • Re: Error when executing from a network share
    ... Failed to grant minimum permission requests. ... Only assemblies in the local computer zone have full trust and that is the ... Choose URL as condition type and type the UNC path of your app: ... Use "FullTrust" permission set. ...
    (microsoft.public.dotnet.languages.vc)
  • Re: FullTrust PermissionSet?
    ... FullTrust does not imply all permissions, ... FullTrust is a special permission set to the .Net Framework. ... FullTrust assemblies will pass every permission ...
    (microsoft.public.dotnet.security)
  • Re: FullTrust PermissionSet?
    ... Everything is an actual permission set containing many permissions, ... FullTrust is a PermissionSet created that has its Unrestricted flag set to ... FullTrust assemblies will pass every permission ...
    (microsoft.public.dotnet.security)