|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
VS2005 Throws Security Exception when run from Network!?Dear List,
I have developed an application in VS 2005. The application works fine when run from the Local drive C:\ but when the application is run from a Network Drive it throws a Security Exception. The Exception getting thrown is - I would rather the user doesnt have to configure the app themselves so I believe you can make the assemblies 'Strong-Named' and add a Public/Private Key pair which can be modifed to setup the various security permissions? I have generated a Public/Private Key pair, added it to my project, but what next? How do I set these permissions? Thanks for any help offered, Best Regards, David Ross See http://blogs.msdn.com/shawnfa/archive/2003/06/20/57023.aspx for CAS
policy modification instructions. However, given that this is a .NET 2.0 application, you may prefer to deploy as a ClickOnce application, which would help avoid the need to deploy the policy modifications to the client machines. Show quoteHide quote "David++" <Da***@discussions.microsoft.com> wrote in message news:AC2E453E-7561-431D-8151-2290AAC848BC@microsoft.com... > Dear List, > > I have developed an application in VS 2005. The application works fine > when > run from the Local drive C:\ but when the application is run from a > Network > Drive it throws a Security Exception. The Exception getting thrown is - > > I would rather the user doesnt have to configure the app themselves so I > believe you can make the assemblies 'Strong-Named' and add a > Public/Private > Key pair which can be modifed to setup the various security permissions? I > have generated a Public/Private Key pair, added it to my project, but what > next? How do I set these permissions? > > Thanks for any help offered, > > Best Regards, > David Ross > >
Show quote
Hide quote
"Nicole Calinoiu" wrote: Thank you, I will look into that,> See http://blogs.msdn.com/shawnfa/archive/2003/06/20/57023.aspx for CAS > policy modification instructions. However, given that this is a .NET 2.0 > application, you may prefer to deploy as a ClickOnce application, which > would help avoid the need to deploy the policy modifications to the client > machines. > > > > "David++" <Da***@discussions.microsoft.com> wrote in message > news:AC2E453E-7561-431D-8151-2290AAC848BC@microsoft.com... > > Dear List, > > > > I have developed an application in VS 2005. The application works fine > > when > > run from the Local drive C:\ but when the application is run from a > > Network > > Drive it throws a Security Exception. The Exception getting thrown is - > > > > I would rather the user doesnt have to configure the app themselves so I > > believe you can make the assemblies 'Strong-Named' and add a > > Public/Private > > Key pair which can be modifed to setup the various security permissions? I > > have generated a Public/Private Key pair, added it to my project, but what > > next? How do I set these permissions? > > > > Thanks for any help offered, > > > > Best Regards, > > David Ross > > David Hello again,
Ok, I've been trying to solve this for the last couple of days now and still no joy. The error that is getting thrown is - Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' And if I click details it also says - The Zone of the assembly that failed was: Intranet In the Project properties I have ran the 'Calculate Permissions' and it says that to run the application must be 'Full Trust'. So I have tried deploying as full trust and no joy. I have also built the application using Partial Trust and excluded the EnvironmentPermission. Still no joy this way. I have Signed the application with a Strong name and produced a strong name key file. If I then build and place the exe of the application on the Network, and also configure the Microsoft .NET 2.0 Framework Configuration by adding a new group to the All_Code then this works. Is this correct? I'm new to strong names and Microsoft .NET configuration. If I do this, is it granting the securities to just my application? If so then this should be acceptable. Another option would be to simply 'turn off' the thing throwing the security exception. However its still not clear for me how to do this..its not really straight forward. I'm on VS 2005 if that helps. Is there anything programmatically i can set in my application which means I dont have to Configure anything externally? Thanks for any further help, Kinda confused here.... David
Show quote
Hide quote
"David++" <Da***@discussions.microsoft.com> wrote in message Exactly what happened when you attempted to deploy as a fully trusted news:4CBBF8F9-22FB-483D-AFD4-B5063E05B2DE@microsoft.com... > Hello again, > > Ok, I've been trying to solve this for the last couple of days now and > still > no joy. The error that is getting thrown is - > > Request for the permission of type > 'System.Security.Permissions.EnvironmentPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' > > And if I click details it also says - > > The Zone of the assembly that failed was: > Intranet > > In the Project properties I have ran the 'Calculate Permissions' and it > says > that to run the application must be 'Full Trust'. So I have tried > deploying > as full trust and no joy. ClickOnce app? Were you running from the ClickOnce harness page or were you trying to run the executable directly off a network share? If the former, were you prompted to elevate the assembly's permissions? > I have also built the application using Partial If the assembly is missing EnvirnmentPermssion, you need to include it, not > Trust and excluded the EnvironmentPermission. Still no joy this way. exclude it, when creating a partial trust ClickOnce manifest. > I have Signed the application with a Strong name and produced a strong It's one valid way of acquiring a full trust grant.> name > key file. If I then build and place the exe of the application on the > Network, and also configure the Microsoft .NET 2.0 Framework Configuration > by > adding a new group to the All_Code then this works. Is this correct? > I'm new It will grant the elevated permissions to all assemblies signed with your > to strong names and Microsoft .NET configuration. If I do this, is it > granting the securities to just my application? strong name key unless you also add name and version evidence to the strong name membership condition for the code group. > If so then this should be You can't disable the code access security system from within partially > acceptable. > > Another option would be to simply 'turn off' the thing throwing the > security > exception. However its still not clear for me how to do this..its not > really > straight forward. I'm on VS 2005 if that helps. trusted code. Even if you could, you shouldn't since this will leave the client machines vulnerable to attacks from other assemblies that ought to be partially trusted. > Is there anything programmatically i can set in my application which means No. If you were able to do this, so could a malicious developer. The > I > dont have to Configure anything externally? closest you can come at present is deploying as a ClickOnce assembly, where at least you won't need to modify CAS policy on each client machine. Hi Nicole,
Thanks for the reply. Show quoteHide quote > > Ok, I've been trying to solve this for the last couple of days now and When I built the application i was copying the exe to the network location > > still > > no joy. The error that is getting thrown is - > > > > Request for the permission of type > > 'System.Security.Permissions.EnvironmentPermission, mscorlib, > > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' > > > > And if I click details it also says - > > > > The Zone of the assembly that failed was: > > Intranet > > > > In the Project properties I have ran the 'Calculate Permissions' and it > > says > > that to run the application must be 'Full Trust'. So I have tried > > deploying > > as full trust and no joy. > > Exactly what happened when you attempted to deploy as a fully trusted > ClickOnce app? Were you running from the ClickOnce harness page or were you > trying to run the executable directly off a network share? If the former, > were you prompted to elevate the assembly's permissions? > along with its config file. I then created a shortcut to the exe and placed it on my desktop. When I started the app via the shortuct I got the error. I was not Publishing the app as ClickOnce which is maybe why the FullTrust settings were not getting added to the exe. However, when I published with ClickOnce and I run the setup.exe it doesnt prompt me to install the exe at a certain location, it just seems to run the exe. I guess I would have had to copy one of the generated application files i.e. either - MyApp.application MyApp_1_0_0_0.application ....along with the Folder - MyApp_1_0_0_0 to the network location for it to work correctly - is this right? In the end I got around the problem by using the Microsoft Configuration Tool and creating an MSI Deployment package to install the security settings on the clients machine. No the ideal solution but did the job at short notice. Best regards, David It sounds like you almost certainly didn't deploy and/or attempt to launch
the ClickOnce application in the intended manner. For instructions, see http://msdn2.microsoft.com/en-us/library/142dbbz4.aspx. Show quoteHide quote "David++" <Da***@discussions.microsoft.com> wrote in message news:15CEF970-8C15-4D73-B889-ECFE8C9E483B@microsoft.com... > Hi Nicole, > > Thanks for the reply. > >> > Ok, I've been trying to solve this for the last couple of days now and >> > still >> > no joy. The error that is getting thrown is - >> > >> > Request for the permission of type >> > 'System.Security.Permissions.EnvironmentPermission, mscorlib, >> > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' >> > >> > And if I click details it also says - >> > >> > The Zone of the assembly that failed was: >> > Intranet >> > >> > In the Project properties I have ran the 'Calculate Permissions' and it >> > says >> > that to run the application must be 'Full Trust'. So I have tried >> > deploying >> > as full trust and no joy. >> >> Exactly what happened when you attempted to deploy as a fully trusted >> ClickOnce app? Were you running from the ClickOnce harness page or were >> you >> trying to run the executable directly off a network share? If the >> former, >> were you prompted to elevate the assembly's permissions? >> > > When I built the application i was copying the exe to the network location > along with its config file. I then created a shortcut to the exe and > placed > it on my desktop. When I started the app via the shortuct I got the error. > > I was not Publishing the app as ClickOnce which is maybe why the FullTrust > settings were not getting added to the exe. However, when I published with > ClickOnce and I run the setup.exe it doesnt prompt me to install the exe > at a > certain location, it just seems to run the exe. I guess I would have had > to > copy one of the generated application files i.e. either - > > MyApp.application > MyApp_1_0_0_0.application > > ...along with the Folder - MyApp_1_0_0_0 to the network location for it to > work correctly - is this right? > > In the end I got around the problem by using the Microsoft Configuration > Tool and creating an MSI Deployment package to install the security > settings > on the clients machine. No the ideal solution but did the job at short > notice. > > Best regards, > David 
Other interesting topics
PKI confusion...
How to validate client certificate? Bad Data. Any idea what this means? Aplying more than 1 attributes ????? How to convert string to SecureString? SignedXml gives false negatives when using namespaces in signed xm recent security patch prevents desktop.ini CLSID folder-app association and custom icon Encrypting connection string in app.config Get role for any given user name ... Laptop Problems |
|||||||||||||||||||||||
