Re: Security blues
- From: ItsOnlyAFleshWound <ItsOnlyAFleshWound@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 23 May 2007 11:30:02 -0700
Thanks, Joe.
I was able to determine what my problems are using the tool you recommended.
I have already worked around one and can pose the other to the development
group responsible for the libraries that I am using.
Very useful piece of software.
Thanks again.
--
Tim
"Joe Kaplan" wrote:
Generally, when an app behaves differently depending on the user who is.
running it, this is because of Windows security, not Code Access Security.
CAS determines what the code is allowed to do independent of the user who is
running it. As such, permcalc isn't likely to be of much use.
You might consider using a tool like process monitor to see if there are any
files or registry key accesses that are generating an access denied error
during execution. This is often a good indication of the Windows permission
that is being requested and not granted and my give you some idea where to
look.
Note also that if you don't have the source code for some of your
assemblies, you can often do a serviceable job of recovering it with
Reflector with the file disassembler plug-in.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"ItsOnlyAFleshWound" <ItsOnlyAFleshWound@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:54B5DA96-F5D4-4EC2-9888-08BE32A439D1@xxxxxxxxxxxxxxxx
.Net gurus,
I have written an app that works great on my dev workstation. When I load
it on the corporate server, it fails, seemingly with an error unrelated to
security. (It says it cannot load a resource string, while all resources
are
embedded in the assembly.) However, when I get the admin of the server to
run the program with admin rights, it succeeds. "Fix the security," you
say,
and you're right of course.
Here are the complications of fixing the security.
1. It is using a common library of assemblies which were developed by a
number of individuals at my company, many of whom no longer work here. I
have no idea how they might have set up security.
2. My company is using .Net 1.1, so I cannot use PermCalc. At least I
think
not.
3. Permview doesn't give me much: ReflectionPermission (TypeInformation,
MemberAccess) and SecurityPermission (Execution, SerializationFormatter).
Doesn't sound like it should need admin rights.
What I'm after is:
1. How do I determine which operations in my assembly require local
administrator on the box to run?
2. Is there a way to work around these, short of just giving the runtime
account admin privileges?
Thank you in advance for your assistance.
--
Tim
- Follow-Ups:
- Re: Security blues
- From: Joe Kaplan
- Re: Security blues
- References:
- Re: Security blues
- From: Joe Kaplan
- Re: Security blues
- Prev by Date: Re: How do i do hardware protected HMAC'ing from dotnet?
- Next by Date: Re: Security blues
- Previous by thread: Re: Security blues
- Next by thread: Re: Security blues
- Index(es):
Relevant Pages
|
