I granted assemblies with a particular Strong Name "Full Trust" both in "My Computer" and "Intranet" zone. When I run them out of VS.Net IDE they run with full set of permissions. But, the moment I specify one or more permissions as "requisites" on my assembly, I get SecurityException (s) for the permissions I didn't mention on my assembly.
- I used .Net Framework 2.0 Configuration Wizard to grant all assemblies (in MyComputer zone as I'm debugging in my IDE) that has a particular Strong Name.
- Now, I go ahead and specify a single pre-requisite for the assembly:
- [assembly: SqlClientPermission(SecurityAction.RequestMinimum, Unrestricted = true)]
- I run the application
- A tell-tale security warning appears signifying the assembly is no longer running under "Full Trust"
- Warning: Indicates assembly is no longer running under "Full Trust"
- I specify UI permissions now:
- [assembly: UIPermission(SecurityAction.RequestMinimum, Unrestricted=true)
- Fig 2: UIPermission granted. No warning messages
- The warning disappears
- As soon as I move to the next step in the wizard [where it requires a ConfigurationPermission], it throws a SecurityException
- Fig 3: Exception due to ConfigurationPermission denied
- But when I remove all CAS permission request declarations, the code appears to run with "Full Trust"
- Fig 4: All access granted [including ConfigurationPermission]
This leads me to wonder if the permissions I do not specify on the assembly become part of the permissions refused!
No comments:
Post a Comment