|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Check for certian privilegesI need to check if the user of the app has IO and Registy rights. How do I
"Assert" that the current user of a WinForm app has these rights? Thanks, John Let me expand on my question. From what i understand CAS checks if the
calling assembly has rights to a certian resource. But what about plain ole fashioned user rights? Does CAS check that too? If the assembley has full trust, but the user does not have rights to the registry, how can I check if the user has rights or not? Show quoteHide quote "john conwell" wrote: > I need to check if the user of the app has IO and Registy rights. How do I > "Assert" that the current user of a WinForm app has these rights? > > Thanks, > John CAS does not check NT security. It checks the rights of the code to do
certain operations, not the user running the code. The easiest and most reliable way to check check access to NT protected resources is to try to open them and catch the UnauthorizedAccessException that might happen. If you want to do this programmatically, you probably want to be looking at p/invoke on the AccessCheck API function. Joe K. Show quoteHide quote "john conwell" <johnconw***@discussions.microsoft.com> wrote in message news:F8DD2019-35BD-4E53-BBD4-0AD588A231A1@microsoft.com... > Let me expand on my question. From what i understand CAS checks if the > calling assembly has rights to a certian resource. But what about plain > ole > fashioned user rights? Does CAS check that too? If the assembley has > full > trust, but the user does not have rights to the registry, how can I check > if > the user has rights or not? > > "john conwell" wrote: > >> I need to check if the user of the app has IO and Registy rights. How do >> I >> "Assert" that the current user of a WinForm app has these rights? >> >> Thanks, >> John Thats what I was afraid of. I am really under the belief that using try/catch
to control process flow is BAD practice, but I dont think I have another choice. Show quoteHide quote "Joe Kaplan (MVP - ADSI)" wrote: > CAS does not check NT security. It checks the rights of the code to do > certain operations, not the user running the code. > > The easiest and most reliable way to check check access to NT protected > resources is to try to open them and catch the UnauthorizedAccessException > that might happen. If you want to do this programmatically, you probably > want to be looking at p/invoke on the AccessCheck API function. > > Joe K. > > "john conwell" <johnconw***@discussions.microsoft.com> wrote in message > news:F8DD2019-35BD-4E53-BBD4-0AD588A231A1@microsoft.com... > > Let me expand on my question. From what i understand CAS checks if the > > calling assembly has rights to a certian resource. But what about plain > > ole > > fashioned user rights? Does CAS check that too? If the assembley has > > full > > trust, but the user does not have rights to the registry, how can I check > > if > > the user has rights or not? > > > > "john conwell" wrote: > > > >> I need to check if the user of the app has IO and Registy rights. How do > >> I > >> "Assert" that the current user of a WinForm app has these rights? > >> > >> Thanks, > >> John > > > I totally agree. However, in this case, the only way to be 100% sure is to
try it. AccessCheck is viable though and might not be that hard to do. Check pinvoke.net to see if anyone has already written a wrapper. Even if you use AccessCheck to verify access, the ACL on the object could certainly change between the time you check it and the time you go to access it, so you still need the try/catch. The resource could also get deleted out from under you for that matter. Best of luck, Joe K. Show quoteHide quote "john conwell" <johnconw***@discussions.microsoft.com> wrote in message news:733DF9E8-70A0-408E-B9BD-CDF1E4C6013A@microsoft.com... > Thats what I was afraid of. I am really under the belief that using > try/catch > to control process flow is BAD practice, but I dont think I have another > choice. > > "Joe Kaplan (MVP - ADSI)" wrote: > >> CAS does not check NT security. It checks the rights of the code to do >> certain operations, not the user running the code. >> >> The easiest and most reliable way to check check access to NT protected >> resources is to try to open them and catch the >> UnauthorizedAccessException >> that might happen. If you want to do this programmatically, you probably >> want to be looking at p/invoke on the AccessCheck API function. >> >> Joe K. >> >> "john conwell" <johnconw***@discussions.microsoft.com> wrote in message >> news:F8DD2019-35BD-4E53-BBD4-0AD588A231A1@microsoft.com... >> > Let me expand on my question. From what i understand CAS checks if the >> > calling assembly has rights to a certian resource. But what about >> > plain >> > ole >> > fashioned user rights? Does CAS check that too? If the assembley has >> > full >> > trust, but the user does not have rights to the registry, how can I >> > check >> > if >> > the user has rights or not? >> > >> > "john conwell" wrote: >> > >> >> I need to check if the user of the app has IO and Registy rights. How >> >> do >> >> I >> >> "Assert" that the current user of a WinForm app has these rights? >> >> >> >> Thanks, >> >> John >> >> >>  
Other interesting topics
ASP.NET Uploading Security Issue?
Distributed winforms application security system.security.securityexception WindowsIdentity role caching in ASP.NET IsInRole groupname with white space. High-strength crypto problems Restricting Upload File Types Impersonation code Pls Help! Passing credential between two web sites on same machin OAEP Decryption Error |
|||||||||||||||||||||||
