Code Access Security for Windows Service

Okay, this might well be a newbie question. Sorry about the cross-post from General, but I realised this was where I should have posted.

I've written a Windows service based upon the ServiceBase class. The service, and all the classes it uses are in one assembly, myservice.exe. I don't expect them to ever be reused in other applications.

I have 2 questions:

Do I have to apply Code access security to this? I mean, it's an application running locally, so presumably it has full trust.

Can I restrict it, and if so, how?

I tried adding:

    [assembly: FileIOPermission(SecurityAction.RequestOptional,Unrestricted=true)]

as I do want unrestricted access to the filesystem, and the RequestOptional should deny any other permissions. However, now I get a SecurityException:

"That assembly does not allow partially trusted callers"

That has me confused. What am I doing wrong? And is all this irrelevant as what I'm writing will only be run on the local machine?

RequestOptional basically puts you into partial trust - that's what you want.

But I guess you are now calling some assembly which requires full trust, like remoting, enterprise services or WCF.

You could manually do a PermitOnly of FileIOPermission before you call the code which does the File IO - this would only remove privileges locally and not for the full assembly. But this is only effective if you are not calling 3rd party code...

What are you doing?

-----
Dominick Baier (http://www.leastprivilege.com)

Well, I am calling Log4NET to do my logging - though I've checked that out, and I think it should be okay.

I'm wondering if the ServiceBase class itself might require Full Trust - i.e. it won't run under partial trust.

What am I doing? I've been asked to write a service which connects to a SharePoint 2007 service (on the same machine), queries a list, and sends an email to some users about the contents of that list.

I guess it's worth pointing out that that means I'm using the Microsoft.Sharepoint assembly.

You can use Reflector to check if either Log4Net, ServiceBase or SharePoint is requiring full trust. Search for an assembly wide attribute called

    [AllowPartiallyTrustedCallers]

I am very interested in what you find out (especially for SharePoint).

-----
Dominick Baier (http://www.leastprivilege.com)

OK, I checked System.ServiceProcess - no APTCA - bummer.

But you can still use the approach I talked about earlier to lock down CAS permission for your own code programmatically.

-----
Dominick Baier (http://www.leastprivilege.com)

Good plan.

Log4Net does have "AllowPartiallyTrustedCallers", as does Microsoft.SharePoint, but System.ServiceProcess doesn't. I guess that's my problem - and that I won't be applying CAS.

The attributes that I found:

ServiceProcess.dll:

    // Assembly System.ServiceProcess, Version 2.0.0.0
    [assembly: AssemblyVersion("2.0.0.0")]
    [assembly: AssemblyTitle("System.ServiceProcess.dll")]
    [assembly: ComVisible(false)]
    [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
    [assembly: AssemblyDefaultAlias("System.ServiceProcess.dll")]
    [assembly: CLSCompliant(true)]
    [assembly: CompilationRelaxations(8)]
    [assembly: AssemblyDescription("System.ServiceProcess.dll")]
    [assembly: RuntimeCompatibility(WrapNonExceptionThrows=true)]
    [assembly: AssemblyKeyFile(@"f:\RTM\Tools\devdiv\FinalPublicKey.snk")]
    [assembly: AssemblyDelaySign(true)]
    [assembly: NeutralResourcesLanguage("en-US")]
    [assembly: SatelliteContractVersion("2.0.0.0")]
    [assembly: AssemblyInformationalVersion("2.0.50727.42")]
    [assembly: AssemblyFileVersion("2.0.50727.42")]
    [assembly: AssemblyCopyright("\x00a9 Microsoft Corporation. All rights reserved.")]
    [assembly: AssemblyProduct("Microsoft\x00ae .NET Framework")]
    [assembly: AssemblyCompany("Microsoft Corporation")]
    [assembly: SecurityPermission(SecurityAction.RequestMinimum, SkipVerification=true)]

Log4Net:

    [assembly: AssemblyVersion("1.2.9.0")]
    [assembly: AssemblyInformationalVersion("1.2")]
    [assembly: Debuggable(false, true)]
    [assembly: AssemblyCompany("The Apache Software Foundation")]
    [assembly: AssemblyDescription("Logging Framework")]
    [assembly: AssemblyCopyright("Copyright 2001-2005 The Apache Software Foundation.")]
    [assembly: AssemblyDelaySign(false)]
    [assembly: AssemblyDefaultAlias("log4net")]
    [assembly: AssemblyProduct("log4net")]
    [assembly: AssemblyConfiguration("")]
    [assembly: AssemblyKeyFile(@"..\..\..\log4net.snk")]
    [assembly: AssemblyTitle("log4net for .NET Framework 1.1")]
    [assembly: AllowPartiallyTrustedCallers]
    [assembly: CLSCompliant(true)]
    [assembly: ComVisible(false)]
    [assembly: AssemblyTrademark("Copyright 2001-2005 The Apache Software Foundation.")]

Microsoft.SharePoint:

    // Assembly Microsoft.SharePoint, Version 12.0.0.0
    [assembly: AssemblyVersion("12.0.0.0")]
    [assembly: Dotfuscator("1589:1:3.0.2321.28136")]
    [assembly: InternalsVisibleTo("Microsoft.SharePoint.ApplicationPages, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: AllowPartiallyTrustedCallers]
    [assembly: CompilationRelaxations(8)]
    [assembly: InternalsVisibleTo("stsadm, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: Debuggable(DebuggableAttribute.DebuggingModes.DisableOptimizations | DebuggableAttribute.DebuggingModes.Default)]
    [assembly: AssemblyCopyright("\x00a9 2006 Microsoft Corporation. All rights reserved.")]
    [assembly: AssemblyCompany("Microsoft Corporation")]
    [assembly: AssemblyConfiguration("")]
    [assembly: AssemblyTrademark("Microsoft\x00ae is a registered trademark of Microsoft Corporation. Windows\x00ae is a registered trademark of Microsoft Corporation.")]
    [assembly: AssemblyProduct("Windows SharePoint Services")]
    [assembly: InternalsVisibleTo("psconfigUI, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: AssemblyFileVersion("12.0.4407.1005")]
    [assembly: AssemblyTitle("Windows\x00ae SharePoint\x00ae Services")]
    [assembly: InternalsVisibleTo("Microsoft.SharePoint.Search.Protocols, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: RuntimeCompatibility(WrapNonExceptionThrows=true)]
    [assembly: InternalsVisibleTo("Microsoft.SharePoint.Search, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: InternalsVisibleTo("stssoap, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: ComVisible(true)]
    [assembly: InternalsVisibleTo("HcInstal, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: AssemblyDescription("Windows\x00ae SharePoint\x00ae Services")]
    [assembly: InternalsVisibleTo("psconfig, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: InternalsVisibleTo("Microsoft.SharePoint.ApplicationPages.Administration, PublicKey=0024000004800000940000000602000000240000525341310004000001000100afd4a0e7724151d5dd52cb23a30ded7c0091cc01cfe94b2bcd85b3f4eee3c4d8f6417bff763763a996d6b2dfc1e7c29bcfb8299779df8785cde2c168ceee480e570725f2468e782a9c2401302cf6dc17e119118ed2011937bae9698357ad21e8b6dfb40475d16e87eb03c744a5d32899a0dbc596a6b2cfa1e509be5fbd09facf")]
    [assembly: CLSCompliant(false)]
    [assembly: SecurityPermission(SecurityAction.RequestMinimum, SkipVerification=true)]
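
The Reflector check from the thread can also be done with reflection. This is an added example, not code from any poster; it assumes the .NET Framework 2.0 CAS model discussed above, and the class and method names are hypothetical.

```csharp
using System;
using System.Reflection;
using System.Security;

static class AptcaReport
{
    // True when partially trusted code is allowed to call into 'asm'.
    // Only strong-named assemblies get the implicit full-trust LinkDemand,
    // so an assembly without a public key token is not affected by APTCA.
    static bool AllowsPartialTrustCallers(Assembly asm)
    {
        byte[] token = asm.GetName().GetPublicKeyToken();
        bool strongNamed = token != null && token.Length > 0;
        return !strongNamed
            || asm.IsDefined(typeof(AllowPartiallyTrustedCallersAttribute), false);
    }

    static void Main(string[] args)
    {
        // Pass the path of the service executable (for example myservice.exe);
        // without an argument the program inspects its own references.
        Assembly root = args.Length > 0
            ? Assembly.LoadFrom(args[0])
            : Assembly.GetExecutingAssembly();

        foreach (AssemblyName name in root.GetReferencedAssemblies())
        {
            Assembly dep;
            try
            {
                dep = Assembly.Load(name);
            }
            catch (Exception ex)
            {
                Console.WriteLine("{0,-32} not loadable ({1})", name.Name, ex.GetType().Name);
                continue;
            }

            // A dependency in the second category is what produces
            // "That assembly does not allow partially trusted callers"
            // once RequestOptional has put the caller into partial trust.
            Console.WriteLine("{0,-32} {1}", name.Name,
                AllowsPartialTrustCallers(dep)
                    ? "callable from partial trust"
                    : "requires fully trusted callers (no APTCA)");
        }
    }
}
```

GetReferencedAssemblies lists only the assemblies the compiler actually recorded as references, so run it against the built service executable rather than the project's reference list.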
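
The PermitOnly approach suggested in the replies, sketched as an added example (not code from the thread). It assumes .NET Framework CAS as in the 2.0 runtime discussed here; the helper name RunWithFileIoOnly and the sample file content are hypothetical.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

static class PermitOnlyDemo
{
    delegate string Work();

    // Runs 'work' with everything except file IO removed for this stack
    // frame and the frames below it. The assembly itself stays fully
    // trusted, so ServiceBase (no APTCA) can still be used elsewhere.
    // Caveat from the thread: fully trusted code called from 'work' can
    // Assert permissions and bypass this, so it only constrains code you
    // control.
    static string RunWithFileIoOnly(Work work)
    {
        new FileIOPermission(PermissionState.Unrestricted).PermitOnly();
        try
        {
            return work();
        }
        finally
        {
            CodeAccessPermission.RevertPermitOnly();
        }
    }

    static void Main()
    {
        string path = Path.GetTempFileName();

        // File IO demands FileIOPermission, which is in the permitted set.
        string content = RunWithFileIoOnly(delegate
        {
            File.WriteAllText(path, "constructed sample data");
            return File.ReadAllText(path);
        });
        Console.WriteLine("file IO allowed: " + content);

        try
        {
            // Reading an environment variable demands EnvironmentPermission,
            // which PermitOnly has removed, so the stack walk fails.
            RunWithFileIoOnly(delegate
            {
                return Environment.GetEnvironmentVariable("PATH");
            });
            Console.WriteLine("unexpected: environment read succeeded");
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("blocked as intended: " + ex.Message);
        }

        File.Delete(path);
    }
}
```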