Re: Security blues



Once you have those tools, you'll find a million uses for them. Glad it
worked out!

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"ItsOnlyAFleshWound" <ItsOnlyAFleshWound@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:7FE54331-5BCC-4A0A-8EEF-FE776B374EB2@xxxxxxxxxxxxxxxx
Thanks, Joe.

I was able to determine what my problems are using the tool you
recommended.
I have already worked around one and can pose the other to the
development
group responsible for the libraries that I am using.

Very useful piece of software.
Thanks again.
--
Tim


"Joe Kaplan" wrote:

Generally, when an app behaves differently depending on the user who is
running it, this is because of Windows security, not Code Access
Security.
CAS determines what the code is allowed to do independent of the user who
is
running it. As such, permcalc isn't likely to be of much use.

You might consider using a tool like process monitor to see if there are
any
files or registry key accesses that are generating an access denied error
during execution. This is often a good indication of the Windows
permission
that is being requested and not granted and my give you some idea where
to
look.

Note also that if you don't have the source code for some of your
assemblies, you can often do a serviceable job of recovering it with
Reflector with the file disassembler plug-in.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"ItsOnlyAFleshWound" <ItsOnlyAFleshWound@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message news:54B5DA96-F5D4-4EC2-9888-08BE32A439D1@xxxxxxxxxxxxxxxx
.Net gurus,

I have written an app that works great on my dev workstation. When I
load
it on the corporate server, it fails, seemingly with an error unrelated
to
security. (It says it cannot load a resource string, while all
resources
are
embedded in the assembly.) However, when I get the admin of the server
to
run the program with admin rights, it succeeds. "Fix the security,"
you
say,
and you're right of course.

Here are the complications of fixing the security.
1. It is using a common library of assemblies which were developed by a
number of individuals at my company, many of whom no longer work here.
I
have no idea how they might have set up security.
2. My company is using .Net 1.1, so I cannot use PermCalc. At least I
think
not.
3. Permview doesn't give me much: ReflectionPermission
(TypeInformation,
MemberAccess) and SecurityPermission (Execution,
SerializationFormatter).
Doesn't sound like it should need admin rights.

What I'm after is:
1. How do I determine which operations in my assembly require local
administrator on the box to run?
2. Is there a way to work around these, short of just giving the
runtime
account admin privileges?

Thank you in advance for your assistance.
--
Tim





.