Re: Different Permissions For Forms Control in Internet Explorer Applied

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Is the 1.1 vs 2.0 difference being observed on identical assemblies, or did
you make some code changes for the 2.0 version? If the latter, you may want
to take a look at
http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx to see if any of
your changes might have impacted on the effect permission grant. For
example, if your code uses assertions to work around the AppDomain
permission limitation, and you've marked your 2.0 assembly as
SecurityTransparent, your assertions will not work.

If the problem is being observed on the same assembly, might it be that the
1.1 CAS policy is granting extended permissions based on something other
than the strong name (e.g.: local intranet zone granted full trust)? If
not, are any exception being thrown and, if so, could you please post the
full exception details (incl. call stack listing), as returned by its
ToString method?


"Markus Kling" <markus.kling@xxxxxxxxxxxxx> wrote in message
news:O0kwKvElGHA.3304@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

I have a Windows Forms Control running within the Internet Explorer.

The application is able to download files from a remote store via drag and
drop to the local filesystem. Some details:

- The files are selected from a ListView

- ListView.ItemDrag
- calculates a temporary filename (beneath Path.GetTempPath()) for each
of the selected files
- and creates the necessary DataObject structure with DataFormts.FileDrop
and DragDropEffects.Move

- ListView.QueryContinueDrag watches for the DragAction.Drop event and
than downloads the file(s) content from the remote location to the
calculated temporary filename. The file does not exist prior to this
point.

Due to several circumstances the application is assigned FullTrust via the
StrongName condition. All is running smoothly under .Net 1.1.

For .Net 2.0 with equal security settings the temporary file is not moved
from its temporary location to the drop location. To be clear: this is not
done by the application itself but the Windows Explorer.

Now comes the mistery:

- With security turned off completly (caspol -s off) the application works
- With a UrlCondition attached to the complete webserver (not only the
controls dll location) the application works
- http://servername/path/name.dll does not work
- http://servername/path/* does not work
- http://servername/* works


Why is fulltrust not fulltrust?
Any ideas?

Thanks for your help,
Markus


==================================
caspol -a -resolveperm http://... path to dll
==================================
Resolving permissions for level = Enterprise
Resolving permissions for level = Machine
Resolving permissions for level = User

Grant =
<PermissionSet class="System.Security.PermissionSet"
version="1"
Unrestricted="true"/>

==================================
caspol -a -resolvegroup http://... path to dll
==================================
Level = Enterprise
Code Groups:
1. All code: FullTrust

Level = Machine
Code Groups:
1. All code: Nothing
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web
1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery'
1.6. StrongName -
0024000004800000940000000602000000240000525341310004000001
0001009FE4E630CDE5D1309A7B2EA0196776663F30618D995FCBC564CCDA330C08022C6ED165DFFE
E84D7D8214E96EE7FE1B0A469344EECB010A9345B40132BC0991F9830851504AFACD13F559A54A50
5CD2E206A6A38C4D8E6C00F64DF16E92657E4A75E67E0FE57276C986239F2BC9D6E6DCCAC4D96E2C
CC2968AC2D3AA11DFB1FBB: FullTrust

Level = User
Code Groups:
1. All code: FullTrust






.

Relevant Pages

  • Re: FullTrust PermissionSet?
    ... Another difference between FullTrust and Everything is the SkipVerification ... >> FullTrust is a special permission set to the .Net Framework. ... FullTrust assemblies will pass every permission ...
    (microsoft.public.dotnet.security)
  • Reason behind implicit FullTrust LinkDemand?
    ... The .NET Framework assemblies ... One may counter argue that the implicit FullTrust ... LinkDemand just forces users to grant full trust to code that doesn't really ... permissions describing custom actions allowed or not in the system. ...
    (microsoft.public.dotnet.security)
  • Re: Error when executing from a network share
    ... Is there a recommended way to check whether FullTrust (or whatever is ... be that for loading assemblies dynamically you will again need FullTrust. ... Failed to grant minimum permission requests. ... Choose URL as condition type and type the UNC path of your app: ...
    (microsoft.public.dotnet.languages.vc)
  • RE: CAS prevents call to ConvertTo used by custom TypeConverter
    ... If the runtime code also reference the InstanceDescriptor, ... limited to granting our assembly FullTrust permission(if can not avoid ... just as the .NET's buildin assemblies ... CAS prevents call to ConvertTo used by custom TypeConverter ...
    (microsoft.public.dotnet.framework.aspnet.buildingcontrols)