|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
FullTrust on network driveI am trying to run a .NET 2.0 app from a network drive, but I'm getting an error on startup. I have configured the .NET security as follows: My Computer / Runtime Security Policy / Machine / Code Groups / All_Code / LocalIntranet_Zone = FullTrust I think the problem is that I'm using 2 IP addresses on my machine (192.168.0.1 and 10.124.0.1) and when I access machines in the 10.124.0.?? range, I have to access them by IP rather than machine name. I believe when I execute my program on this network, it is *not* regarded as Intranet, but Internet and I don't have FullTrust set on that. My question is: Can I configure a particular app to have FullTrust over this sort of connection? If so, how? TIA, Martin. If you are creating the app. yourself, the easier way to overcome this issue
is sign the assembly (sn.exe) and grant the nesseceary trust to this particular strongname. Regardless the app is in networkdrive or locally, it still presents the "appropriate" strongname and hence is given your trust level. -- Show quoteHide quotergds. /Claus Konrad MCSD.NET (C#) "Martin Hart" <"martin dot hartturner at" wrote: > Hi: > > I am trying to run a .NET 2.0 app from a network drive, but I'm getting > an error on startup. > > I have configured the .NET security as follows: > My Computer / Runtime Security Policy / Machine / Code Groups / All_Code > / LocalIntranet_Zone = FullTrust > > I think the problem is that I'm using 2 IP addresses on my machine > (192.168.0.1 and 10.124.0.1) and when I access machines in the > 10.124.0.?? range, I have to access them by IP rather than machine name. > I believe when I execute my program on this network, it is *not* > regarded as Intranet, but Internet and I don't have FullTrust set on that. > > My question is: Can I configure a particular app to have FullTrust over > this sort of connection? If so, how? > > TIA, > Martin. > Claus:
Thanks for the feedback. > If you are creating the app. yourself, the easier way to overcome this issue Yes, it is an app developed by us, and it is signed with a strong name.> is sign the assembly (sn.exe) and grant the nesseceary trust to this > particular strongname. > Regardless the app is in networkdrive or locally, it still presents the How do I set FullTrust for a strongname app?> "appropriate" strongname and hence is given your trust level. TIA, Martin. You simply use the wizard from the .NET 2.0 Configuration Tool
(Administrative Tools). It is quite self explainatory. Go to the Code Group called 'All_Code' and add a new Code Group called "myGroup". This group will contain a policy for strongname of choice. -- Show quoteHide quotergds. /Claus Konrad MCSD.NET (C#) "Martin Hart" <"martin dot hartturner at" wrote: > Claus: > > Thanks for the feedback. > > If you are creating the app. yourself, the easier way to overcome this issue > > is sign the assembly (sn.exe) and grant the nesseceary trust to this > > particular strongname. > > Yes, it is an app developed by us, and it is signed with a strong name. > > > Regardless the app is in networkdrive or locally, it still presents the > > "appropriate" strongname and hence is given your trust level. > > How do I set FullTrust for a strongname app? > > TIA, > Martin. > Claus:
Damm, that was well hidden ;-) Sorry for such a basic question, I've got it now and the app is working. Thanks, Martin. Claus Konrad [MCSD] escribió: Show quoteHide quote > You simply use the wizard from the .NET 2.0 Configuration Tool > (Administrative Tools). > > It is quite self explainatory. Go to the Code Group called 'All_Code' and > add a new Code Group called "myGroup". This group will contain a policy for > strongname of choice. > Martin,
Try this script (for .Net framework 2.0 only). Make sure you change the drive's name (file://M to yours). C:\WINNT\Microsoft.NET\Framework\v2.0.50727\caspol -q -m -ag 1.2 -url file://M: FullTrust -n M_Drive -d "FullTrust granted to: M_Drive" -- Show quoteHide quoteYour 2 cents are worth $milion$. Thanks. "Martin Hart" <"martin dot hartturner at" wrote: > Hi: > > I am trying to run a .NET 2.0 app from a network drive, but I'm getting > an error on startup. > > I have configured the .NET security as follows: > My Computer / Runtime Security Policy / Machine / Code Groups / All_Code > / LocalIntranet_Zone = FullTrust > > I think the problem is that I'm using 2 IP addresses on my machine > (192.168.0.1 and 10.124.0.1) and when I access machines in the > 10.124.0.?? range, I have to access them by IP rather than machine name. > I believe when I execute my program on this network, it is *not* > regarded as Intranet, but Internet and I don't have FullTrust set on that. > > My question is: Can I configure a particular app to have FullTrust over > this sort of connection? If so, how? > > TIA, > Martin. > mtv:
Thanks for the script. It seems to run fine, and the new item is added to the group, but I still can't get it to run. As I mentioned in my original post, could it be that the network drive is not considered 'Intranet' and therefore the '1.2' is the incorrect group? > C:\WINNT\Microsoft.NET\Framework\v2.0.50727\caspol -q -m -ag 1.2 -url TIA,> file://M: FullTrust -n M_Drive -d "FullTrust granted to: M_Drive" Martin. 
Other interesting topics
Unhandled exception vs handled (security issue)
Kerberos Token Renewal Why am I getting errors when I want to rebuild the TreeView contro Login error when opening a deployed project User creation.... Forms Authentication with Active Directory, login control crashes Impersonation testing Security Exception Is there a function that I can call to validate a domain? Is all .NET assembles are vulnerable to decompilation ? |
|||||||||||||||||||||||
