
Alternative to APTCA AllowPartiallyTrustedCallersAttribute?

Author
28 Mar 2006 3:12 AM
Gary F.
So I have the following situation:

0. I have a web app in an intranet setting.
1. I have a .Net 2.0 user control that I want to embed/host in IE.
2. It relies on a 3rd-party COM dll.
3. I've created an interop assembly around the DLL and gave it a strong name.
4. I've given my user control a strong name.
5. In my user control, I've specified AllowPartiallyTrustedCallers attribute
6. I've created an html page with a <link> to a config where both assemblies are listed in <dependentAssembly> stanzas.
7. Both dependent assemblies are described with both their identity, their publicKeyToken, their codeBase, and href.
8. Lastly, I create a new code group, associate the strong name of my user control, set perms to FullTrust.

It all works (at least from my desktop).

So, everything I read on APTCA says "security risk". In one of MS'
Patterns and Practices, it says "Use APTCA only where it is strictly
necessary."

What alternatives do I have to make my web app more secure, or at least
more secure than what APTCA is referring to?

I know that I can increase the permission set of LocalIntranet_Zone to
FullTrust, but I don't think that's more secure.

Suggestions?

Thanks

Gary F.

Author
28 Mar 2006 5:52 AM
Dominick Baier [DevelopMentor]
Well - those docs quite oversimplify things - APTCA is not a bad (or insecure)
thing per se - you just have to know the implications.

As soon as you add APTCA to an assembly it can be called by partially trusted
callers - and that's exactly what you want -

but keep in mind that there may be other partially trusted code (maybe even
malicious) - that potentially can use your control.

So the right guidance should be "before you apply APTCA, make sure your code
is not full of security bugs and vulnerabilities".



---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

Author
28 Mar 2006 7:39 PM
Nicole Calinoiu
In addition to what Dominick has already mentioned, since this is a 2.0
assembly, you can take advantage of transparency to help reduce the security
audit burden associated with APTCA.  For an introduction to transparency,
see http://blogs.msdn.com/shawnfa/archive/2005/08/31/458641.aspx and
http://blogs.msdn.com/shawnfa/archive/2005/09/09/462975.aspx.
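
Added example, not part of the thread and not any poster's code: a sketch of how an APTCA assembly can use .NET 2.0 transparency so that only a small, internal critical layer needs a full security audit. The namespace, the `VendorGateway` and `StatusControl` types, the `CallVendorComponent` placeholder and the 0-15 device range are all hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

// Partially trusted callers (the IE-hosted page) may link to this strong-named assembly.
[assembly: AllowPartiallyTrustedCallers]
// .NET 2.0 mixed transparency: all code is transparent unless explicitly marked critical.
[assembly: SecurityCritical]

namespace Example.HostedControl   // hypothetical namespace
{
    // Critical layer: the only code allowed to elevate. Keep it small and internal;
    // in 2.0 a public critical member is still reachable from other assemblies.
    internal static class VendorGateway
    {
        // TreatAsSafe makes this callable from transparent code, so it is the audit
        // point: it must validate its input before asserting anything.
        [SecurityCritical, SecurityTreatAsSafe]
        internal static string ReadStatus(int deviceId)
        {
            if (deviceId < 0 || deviceId > 15)   // constructed range for the example
                throw new ArgumentOutOfRangeException("deviceId");

            // Stop the UnmanagedCode demand here instead of letting the stack walk
            // reach the partially trusted caller.
            new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
            try { return CallVendorComponent(deviceId); }
            finally { CodeAccessPermission.RevertAssert(); }
        }

        // Placeholder standing in for the call through the COM interop assembly.
        [SecurityCritical]
        private static string CallVendorComponent(int deviceId)
        {
            return "device " + deviceId + ": ok";
        }
    }

    // Transparent layer (a real control would derive from UserControl). It cannot
    // Assert, and link demands it triggers become full stack walks, so a bug here
    // cannot by itself elevate a partially trusted caller.
    public sealed class StatusControl
    {
        public string GetStatus(int deviceId)
        {
            return VendorGateway.ReadStatus(deviceId);
        }
    }
}
```

With this split, the review effort that APTCA calls for concentrates on the members marked `SecurityCritical`, and in particular on the one that is also `SecurityTreatAsSafe`.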



Author
30 Mar 2006 2:09 PM
Gary F.
Interesting. Thank you.