|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Saving config file - System.UnauthorizedAccessExceptionThis time I am attempting to save settings back to the application configuration file. The exe and config file reside on a network drive. I've configured the application to be trusted fully using the Microsoft Configuration Tool and the security errors I was getting before disappeared. Now when I go to save any settings to the config I get this error - System.UnauthorizedAccessException: Attempted to perform an unauthorized operation. at System.Security.AccessControl.Win32.SetSecurityInfo(ResourceType type, String name, SafeHandle handle, SecurityInfos securityInformation, SecurityIdentifier owner, SecurityIdentifier group, GenericAcl sacl, GenericAcl dacl) at System.Security.AccessControl.NativeObjectSecurity.Persist(String name, SafeHandle handle, AccessControlSections includeSections, Object exceptionContext) at System.Security.AccessControl.NativeObjectSecurity.Persist(String name, AccessControlSections includeSections) at System.Security.AccessControl.FileSystemSecurity.Persist(String fullPath) at System.IO.File.SetAccessControl(String path, FileSecurity fileSecurity) at System.Configuration.Internal.WriteFileContext.DuplicateTemplateAttributes(String source, String destination) at System.Configuration.Internal.WriteFileContext.DuplicateFileAttributes(String source, String destination) at System.Configuration.Internal.WriteFileContext.Complete(String filename, Boolean success) at System.Configuration.Internal.InternalConfigHost.StaticWriteCompleted(String streamName, Boolean success, Object writeContext, Boolean assertPermissions) at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.WriteCompleted(String streamName, Boolean success, Object writeContext, Boolean assertPermissions) at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.WriteCompleted(String streamName, Boolean success, Object writeContext) at System.Configuration.Internal.DelegatingConfigHost.WriteCompleted(String streamName, Boolean success, Object writeContext) at System.Configuration.UpdateConfigHost.WriteCompleted(String streamName, Boolean success, Object writeContext) at System.Configuration.MgmtConfigurationRecord.SaveAs(String filename, ConfigurationSaveMode saveMode, Boolean forceUpdateAll) at System.Configuration.Configuration.SaveAsImpl(String filename, ConfigurationSaveMode saveMode, Boolean forceSaveAll) at System.Configuration.Configuration.Save(ConfigurationSaveMode saveMode) at PricingLoader.Maintenance.UpdateSettings(String input, String output, String error, String backup, String interval) at PricingLoader.Maintenance.BtnOk_Click(Object sender, EventArgs e) Any ideas how I can resolve this problem? Thankyou once again.... David Hello,
I think the reason I was having this problem was due to the configuration file (which contains appSettings) is read-only. However, as the client didnt want user settings written to a local computer and wanted just an exe and one local config file I had to manually create a new config file for any changes to the application settings and then refresh the settings internally by re-loading these settings using ConfigurationManager. Strange I am able to overwrite the exisiting config file with a new one, but not able to edit and save changes to it. Still it seemed to work ok, thank god! Best, David Hi,
Show quoteHide quote "David++" <Da***@discussions.microsoft.com> wrote in message I guess the account you used to overwrite the file is different from that news:E00B8050-0C05-42BE-943A-1391FD0797CF@microsoft.com... > Hello, > > I think the reason I was having this problem was due to the configuration > file (which contains appSettings) is read-only. However, as the client > didnt > want user settings written to a local computer and wanted just an exe and > one > local config file I had to manually create a new config file for any > changes > to the application settings and then refresh the settings internally by > re-loading these settings using ConfigurationManager. Strange I am able to > overwrite the exisiting config file with a new one, but not able to edit > and > save changes to it. Still it seemed to work ok, thank god! one running your wep app. If impersonation is enabled the web app code is running with the credentials of the client, so that gives even more options for a client being able to not update those settings. As long as the ConfigurationManager class is used it is reading the settings from a cached in memory version, so the file access has been executed at app start. It has been a while since I read this, so I do not remember all the details, but the documentation in MSDN has quite some stuff in there and there is also a good book from WROX about aspnet 2.0 security. -- Show quoteHide quoteSvenC > Best, > David
Show quote
Hide quote
"SvenC" wrote: Thanks for your reply. I'm running the app from a network share, its also a > Hi, > > "David++" <Da***@discussions.microsoft.com> wrote in message > news:E00B8050-0C05-42BE-943A-1391FD0797CF@microsoft.com... > > Hello, > > > > I think the reason I was having this problem was due to the configuration > > file (which contains appSettings) is read-only. However, as the client > > didnt > > want user settings written to a local computer and wanted just an exe and > > one > > local config file I had to manually create a new config file for any > > changes > > to the application settings and then refresh the settings internally by > > re-loading these settings using ConfigurationManager. Strange I am able to > > overwrite the exisiting config file with a new one, but not able to edit > > and > > save changes to it. Still it seemed to work ok, thank god! > > I guess the account you used to overwrite the file is different from that > one running your wep app. If impersonation is enabled the web app code is > running with the credentials of the client, so that gives even more options > for a client being able to not update those settings. As long as the > ConfigurationManager class is used it is reading the settings from a cached > in memory version, so the file access has been executed at app start. It has > been a while since I read this, so I do not remember all the details, but > the documentation in MSDN has quite some stuff in there and there is also a > good book from WROX about aspnet 2.0 security. > > -- > SvenC > > > Best, > > David > Hi SvenC, windows forms app. I picked up some information from - Windows Forms 2.0 Programming, it has a good section on how to handle user and application settings in there. Cheers, David 
Other interesting topics
SecurityExcepion inside DLL linked in an HTML tag OBJECT
System.UnauthorizedAccessException - Using win forms application opening file - Urgent Generating RSA key with different public exponent Encrypt/Decrypt Username Password using Public Key RSACryptoServiceProvider Data Acess aplication block AzAuthorizationStore.Initialize on ADAM Url throws FileNotFoundException Accessing certificate services with .net security problem with xp_cmdshell Code Access Security - Evidence |
|||||||||||||||||||||||
