Manifested Controls Redux

Last year, I made a series of posts about a new feature available in the betas of .NET 3.5 which enabled you to specify declaratively the set of permissions that IE hosted managed controls should run with.  Since the betas there have been a couple of tweaks to the manifest control model, so those posts…

1

Avoiding Assembly Level Declarative Security

I’ve written in the past about the three assembly level declarative security actions: RequestMinimum, RequestOptional, and RequestRefuse.  Although the CLR has supported these since v1.0, I tend to stay away from using them as much as I possibly can, and also recommend that others avoid them as well.  Let me go through each one individually:…


Bypassing the Authenticode Signature Check on Startup

A while back I wrote about the performance penalty of loading an assembly with an Authenticode signature.  The CLR will attempt to verify the signature at load time to generate Publisher evidence for the assembly.  However, by default most applications don’t need Publisher evidence.  Standard CAS policy does not rely on the PublisherMembershipCondition, so unless your…

3

Loading an Assembly as a Byte Array

One of the various ways that you can load an assembly is by supplying the raw bytes of an assembly as a byte array.  The security identity of an assembly loaded this way turns out to be different than if you were to load the same assembly by name or by file.  In the case…

1

Using the MMC Snap-In to Configure 64 Bit CAS Policy

The .NET Framework SDK ships with a MMC Snap-In which enables you to, among other things, avoid using caspol to modify your local security policy. Since each runtime installed on your machine has independent security policy, the MMC Snap-In will only modify policy for the version of the CLR it is running against, and you may need to have…

1

Specifying Permissions for IE Controls in Orcas

One of my most read blog posts (and one of the reasons I created this blog in the first place — to answer what was one of the most asked questions on the old .NET Security newsgroup), is my post about granting managed controls hosted in IE extra permissions.  If you need to have a…

1

Enumerating Evidence

The Evidence class supports being enumerated in three different ways: GetAssemblyEnumerator GetHostEnumerator GetEnumerator The first two are pretty self explanatory, enumerating over the evidence that the assembly supplied itself, or over the evidence supplied by the CLR and it’s hosting application.  However, Evidence is also IEnumerable which means it allows you to do an unqualified…

1

Assembly Provided Evidence

We all know that the CLR provides many types of evidence to assemblies and AppDomains by default, but one feature of the runtime that’s much less known is that assemblies can actually provide evidence of their own.  This seems to be one of the best kept secrets in CLR security, the only mention of it…

6

Evidence Must Be Serializable

The Evidence object acts as a collection for any sort of object that you want to add as evidence for an assembly or AppDomain.  (It can get confusing because there is both an Evidence class and objects used as evidence.  I’ll capitalize the first one to disambiguate between them).  Both the AddHost and AddAssembly methods take…

4

new NamedPermissionSet

Every once in a while I find some code doing something similar to this: new NamedPermissionSet(“LocalIntranet”).Assert(); // … call some API that requires Intranet permissions here CodeAccessPermission.RevertAssert(); At best this code is confusing to people reading it, and at worse this code is actually doing something very different than what the author is intending to do. The…