CLR v4 Security Policy Roundup

Over the last few weeks we’ve been taking a look at the updates to the CLR security policy system in the v4 release of the .NET Framework.  Here’s a quick index of those topics: Overview Security Policy in the v4 CLR Sandboxing in .NET 4.0 Updating code to work with the new model Implicit uses…

3

FullTrust on the LocalIntranet

We released the first beta of .NET 3.5 SP 1 this morning, and it includes a change to the default grant set for applications launched from the LocalIntranet zone.  The quick summary is that as of .NET 3.5 SP1, applications run from a network share will receive a grant set of FullTrust by default, making…

18

Avoiding Assembly Level Declarative Security

I’ve written in the past about the three assembly level declarative security actions: RequestMinimum, RequestOptional, and RequestRefuse.  Although the CLR has supported these since v1.0, I tend to stay away from using them as much as I possibly can, and also recommend that others avoid them as well.  Let me go through each one individually:…

0

Specifying Permissions for IE Controls in Orcas

One of my most read blog posts (and one of the reasons I created this blog in the first place — to answer what was one of the most asked questions on the old .NET Security newsgroup), is my post about granting managed controls hosted in IE extra permissions.  If you need to have a…

1

ClickOnce Same Site Permissions

ClickOnce applications can request that they be granted permission to contact their site of origin.  In Visual Studio this is done by clicking on the Advanced button in the Security tab of the project properties and checking “Grant the application access to its site of origin.” This has the effect of adding a SameSite attribute…

4

Sandboxed Applications Can’t Elevate Their Own Permissions

Every once in a while someone will ask how they can do something similar to these caspol commands from within their application. Generally, they want their application to be deployed from the Internet or a file share and don’t want users to have to deal with setting up CAS policy properly to get the application…

6

5 Reasons to Choose Simple Sandboxing

   When it comes time to host some partially trusted code in your application, perhaps as a part of an Add-In model, you’ve got a few options to choose from.  How do you decide which is the best way to go?   Thankfully the answer to this one is relatively straightforward – choose the new…

17

Debugging a Partial Trust ClickOnce Application

Although the theory is that by the time we deploy a finished application it’s already fully debugged we all know that in practice things rarely go that smoothly.  So what happens if you deploy a partial trust ClickOnce application that starts to crash when it’s run?  Well, if you’re lucky enough to have the problematic application stay…

3

Detecting that You’re Running in a ClickOnce Application

In my last post,  I mentioned that application scoped isolated storage only works if you’re running in a ClickOnce application.  That begs the question — how do I tell if I’m currently running in the context of a ClickOnce application? You can see if a ClickOnce application is running in the current AppDomain by checking the…

15

Isolated Storage and ClickOnce

Isolated storage introduced a new scope in v2.0 of the CLR to work with ClickOnce applications.  Application scoped Isolated storage is backed by the application’s data directory.  This enables scenarios where your isolated storage data will flow forward with your application as ClickOnce updates it to new versions. However, in order to take advantage of…

13