Ask a Question related to ASP.NET Security, Design and Development.
-
Eric Phetteplace #1
System.Security.Permissions.FileIOPermission
Hello,
This seems to be a common question, but all the posts I see do not have a
clear answer.
Here's an excerpt of my WebPart code:
************
Imports System.IO
Dim oFS As FileStream
oFS = File.Open([PermPath], FileMode.Open)
If Err.Number > 0 Then ...
************
It compiles fine.
The only way I can get this to work is by modifying the web.config file
************
<trust level="Full" originUrl="" />
************
EVERYTHING ELSE I TRIED DID NOT WORK, AS STATED BELOW:
I tried asserting permissions, but this seems undesirable, and it doesn't
work without trust level= "full"
I would hope the .Net security wouldn't allow coders to automatically bypass
security, as I think this is what happens here.
*******************
Dim f As System.Security.Permissions.FileIOPermission
f = New
System.Security.Permissions.FileIOPermission(Secur ity.Permissions.Permission
State.Unrestricted)
f.AddPathList(Security.Permissions.FileIOPermissio nAccess.Read,
[PermPath])
f.Assert()
*******************
I tried modifying the wss_mediumtrust.config policy file
removing the Flags attribute and adding the Unrestricted attribute (I'm
guessing this was the att name)
I believe this is undesirable too, since it opens a gaping security hole.
***********************
<IPermission
class="SecurityPermission"
version="1"
Unrestricted = "true"
/>
***********************
I saw another suggestion to use WPPackager and add the IPermission for the
web part package. That sounds like the proper way.
My questions are:
1. How do I allow my Web part to have file access, without setting the
trust level to "full?"
2. Is the WPPackager the proper way to grant file access to this individual
web part?
Thanks,
Eric
Eric Phetteplace Guest
-
system.diagnostics Permissions
I have a C# service that utilizes system.diagnostics for looking at currently running processes and other tasks, I can not seem to run this service... -
System.Security.SecurityException: Security error
Dear All, The problem or error which I am getting while running my web application is as given below: Security Exception Description: The... -
System.Security.Permissions.SecurityPermission
I am getting the following exception while opening a workbook; theWorkbook = excelObj.Workbooks.Open(fileName, 0, true, 5, string.Empty,... -
Security permissions...
I an attempting to serialize a custom exception class that is derived from System.Exception during runtime. I am getting a the following security... -
Problem with security permissions on new folder
Hi Andy, try with this article: http://support.microsoft.com/default.aspx?scid=kb;en-us;322293 I hope it solves your problem... -- Mike... -
Keith Brown #2 RE: System.Security.Permissions.FileIOPermission
Hey Eric,
You definitely do NOT want to make the SecurityPermission unrestricted. That has no effect at all on the FileIOPermission, which is what you really want to fix, but what it does do is grant all *sorts* of scary permissions (like ControlPolicy, which allows you to set SecurityManager.SecurityEnabled=false and turn off all of CAS!)
You have a couple of choices: you can either move your functionality into an assembly in the GAC (where it will be fully trusted) and mark your assembly with the AllowPartiallyTrustedCallers attribute, or you can change policy like you were suggesting by adding an element for FileIOPermission, either making it unrestricted or (even better) specifying the exact directory and permission level you need to grant.
Keith Brown, MVP
[url]http://www.pluralsight.com[/url]
Keith Brown Guest
-
Eric Phetteplace #3 Re: System.Security.Permissions.FileIOPermission
Hi Keith,
Thanks for your help!
I tried adding an IPermission element for FileIOPermission, right under the
existing one in the wss_mediumtrust.config:
<IPermission
class="FileIOPermission"
version="1"
Read="G:\SpecialDir"
PathDiscovery="G:\SpecialDir"
/>
When I try to read g:\specialdir\test.txt, I receive the following error:
The HelloWorldApp, Version=1.0.0.1, Culture=neutral,
PublicKeyToken=dc2757a2b56c5017 assembly specified in a Register directive
of this page could not be found
Any suggestions?
Eric
"Keith Brown" <Keith [email]Brown@discussions.microsoft.com[/email]> wrote in message
news:7CB11EAB-D2CE-4306-8BC2-2208083725C2@microsoft.com...That has no effect at all on the FileIOPermission, which is what you really> Hey Eric,
>
> You definitely do NOT want to make the SecurityPermission unrestricted.
want to fix, but what it does do is grant all *sorts* of scary permissions
(like ControlPolicy, which allows you to set
SecurityManager.SecurityEnabled=false and turn off all of CAS!)an assembly in the GAC (where it will be fully trusted) and mark your>
> You have a couple of choices: you can either move your functionality into
assembly with the AllowPartiallyTrustedCallers attribute, or you can change
policy like you were suggesting by adding an element for FileIOPermission,
either making it unrestricted or (even better) specifying the exact
directory and permission level you need to grant.>
> Keith Brown, MVP
> [url]http://www.pluralsight.com[/url]
Eric Phetteplace Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
