
Re: Limiting exe permissions

Author
26 Aug 2005 11:47 AM
Nicole Calinoiu
"Rene" <nospam@nospam.com> wrote in message
news:O3h%23BobqFHA.1256@TK2MSFTNGP09.phx.gbl...
> Yep, can't help but wonder why Microsoft didn't address this security
> issues.

Much of the CAS effort has been around directly downloaded code (e.g.:
controls hosted on web pages) rather than the locally installed scenario.
While I happen to agree with you that the latter deserves additional
attention, that's not where past priorities have been.  Also, if you take a
look at past postings in this newsgroup, you'll probably find a great deal
of complaint about the limitations that CAS already imposes.  There seem to
be far more developers who want their code to be ensured a high privilege
grant than are willing to accept the constraints of low CAS privilege,
forget about seeking these out on purpose.


> I bet there are thousands of people that don't use applications from
> unknown companies because they are afraid of what they are downloading.

"Thousands" aren't likely to be a compelling user pool for Microsoft. <g>
Luckily, the numbers are probably considerably higher (and growing all the
time), which is part of why I'm still hoping that limiting permissions of
locally installed code will eventually become a more important goal.


> In my opinion, setting permissions of an executable should be as simple as
> right clicking the file, go to some tab like the security tab and select
> an option from a combo box list such as "Full Trust", "Medium Trust",
> "Don't let this file do anything except run" etc.

You might want to take a look at the new ClickOnce functionality in the v.
2.0 .NET Framework, which does address at least some of your concerns.


> Finally, there should be some kind of managed installer where you can
> limit its ability to do anything except what you give it permissions for.

ClickOnce is a start along those lines, but it does allow a mix with
unmanaged components, and naive end users are unlikely to be able to make
informed decisions about the consequences of various installation options.

Author
27 Aug 2005 2:08 AM
Rene
Thanks

"Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
news:e8k35PjqFHA.248@TK2MSFTNGP14.phx.gbl...
> "Rene" <nospam@nospam.com> wrote in message
> news:O3h%23BobqFHA.1256@TK2MSFTNGP09.phx.gbl...
>> Yep, can't help but wonder why Microsoft didn't address this security
>> issues.
>
> Much of the CAS effort has been around directly downloaded code (e.g.:
> controls hosted on web pages) rather than the locally installed scenario.
> While I happen to agree with you that the latter deserves additional
> attention, that's not where past priorities have been.  Also, if you take
> a look at past postings in this newsgroup, you'll probably find a great
> deal of complaint about the limitations that CAS already imposes.  There
> seem to be far more developers who want their code to be ensured a high
> privilege grant than are willing to accept the constraints of low CAS
> privilege, forget about seeking these out on purpose.
>
>
>> I bet there are thousands of people that don't use applications from
>> unknown companies because they are afraid of what they are downloading.
>
> "Thousands" aren't likely to be a compelling user pool for Microsoft. <g>
> Luckily, the numbers are probably considerably higher (and growing all the
> time), which is part of why I'm still hoping that limiting permissions of
> locally installed code will eventually become a more important goal.
>
>
>> In my opinion, setting permissions of an executable should be as simple
>> as right clicking the file, go to some tab like the security tab and
>> select an option from a combo box list such as "Full Trust", "Medium
>> Trust", "Don't let this file do anything except run" etc.
>
> You might want to take a look at the new ClickOnce functionality in the v.
> 2.0 .NET Framework, which does address at least some of your concerns.
>
>
>> Finally, there should be some kind of managed installer where you can
>> limit its ability to do anything except what you give it permissions for.
>
> ClickOnce is a start along those lines, but it does allow a mix with
> unmanaged components, and naive end users are unlikely to be able to make
> informed decisions about the consequences of various installation options.
>