hi,
I'm trying to run an assembly in internet explorer (local mode - smart
client architecture).
I need to secure the running, so the first step is protecting the URL.
In .net framework 2.0 configuration I go to ->runtime security policy -
In the security permissions the Assert is Yes, and the membership
condition is URL with http://127.0.0.1/* , and then the following code
is working:
WebPermission webPerm = new
WebPermission(PermissionState.Unrestricted);
webPerm.Demand();

The second step is protecting it more with the Strong name of the
assembly.
In .net framework 2.0 configuration I go to ->runtime security policy -
Name with the public key of the assembly. The following code is
failed:
WebPermission webPerm = new
WebPermission(PermissionState.Unrestricted);
webPerm.Demand();

this code is also failing:
WebPermission webPerm = new
WebPermission(PermissionState.Unrestricted);
webPerm.Assert(); // bypass the AppDomain level in stackwalk
webPerm.Demand();

what I need to do for solving this problem?

Thank you,
Dov

ok, I made a mystake,
there is no point to call demand after assert, the assert "pass" the
application about the specific permission set.

If I want to add another permission sets like SocketPermission, I have
problem because you can do assert only to one permission set.
If I'm doing RevertAssert its not good also,
so maybe anyone know how to assert more than one permission set ???

Thanks

create a PermissionSet and add all the needed permissions to it.

PermissionSet ps = new PermissionSet();
ps.AddPermission (...);

the call Assert on the set

ps.Assert();
-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Show quoteHide quote

Thanks a lot Dominick !

Send custom IPrincipal object from client to WCF service - Possibl
httpwebrequest failure with .net service
??? Which Key Encrypts .Config Files ???
SQLClientPermission problem
Possible to restrict IP address access using ACLs?