CAS Evidence collection on Vista 64 :-(

13 Dec 2008 11:05 PM

Gammern

I just can't figure out what is wrong with my Vista 64 .NET installation.
Remote/Intranet assemblies run under MyComputer Zone!!

I have a simple program that list the Evicence.

        static void Main(string[] args)
        {
            Assembly a = Assembly.GetExecutingAssembly();
            foreach (Object item in a.Evidence)
            {
                Console.WriteLine(item.ToString());
            }
        }

Before running from a public nw share, I turn of security; "caspol -security
off"

If I run it on XP 32, I get:
<System.Security.Policy.Zone version="1">
<Zone>Intranet</Zone>
</System.Security.Policy.Zone>

<System.Security.Policy.Url version="1">
<Url>file://mypc/pub/lsperm1.exe</Url>
</System.Security.Policy.Url>
.......
which is just as I expected.

If I run it on Vista 64, I get:
<System.Security.Policy.Zone version="1">
<Zone>MyComputer</Zone>
</System.Security.Policy.Zone>

<System.Security.Policy.Url version="1">
<Url>file://mypc/pub/lsperm1.exe</Url>
</System.Security.Policy.Url>
......
wich is NOT what I expected. "<Zone>MyComputer</Zone>" must be wrong!
How can an assembly hosted on a remote machine get identified as beeing in
MyComputer Zone?

I have tried "caspol -all -force -reset".
caspol -rsg \\mypc\pub\lsperm1.exe do get it right on both XP and Vista,
Zone - Intranet.

Any suggestions?

..NET/CASDisabler.AAA?

14 Dec 2008 3:45 PM

Gammern

Looks like it is a change in .NET Framework 3.5 sp1

http://www.aspnetpro.com/newsletterarticle/2008/07/asp200807dk_l/asp200807dk_l.asp

Creating DWORD key "LegacyMyComputerZone" with value 1 in
"HKLM\Software\Microsoft\.NETFramework" solved the problem for me.

Guess a lot of people studying for the 70-536 exam will stumble across this
problem since most of the CAS samples around will require the above registry
setting.