Determing security demand for ServiceDescriptionImporter()

#1

I'm trying to create an instance of
System.Web.Services.Description.ServiceDescription Importer (in .Net 1.1) in
an assembly that refuses all permissions and then requests the individual
ones it needs. Problem is, when I do this, I get a security demand as soon
as I call the method that contains a call to the constructor for
ServiceDescriptionImporter. When I look in the exception, the RefusedSet
property is null, so I have no idea which permission it needs. Only one I
see in the constructor for it are the ones to call Activator.CreateInstance,
and there are no documented permissions for either the 1.1 or 2.0 version of
the class.
Anyone know what permissions the ctor needs or how I can get an exception
that actually shows the refused permissionset?

#2

Ah, according to http://msdn2.microsoft.com/en-us/library/aa302328.aspx ,
the class itself is unusable by partially-trusted assemblies. I absolutely
HATE this restriction, as I've run into it before, and it's as if your code
is being crippled for trying to run with minimal permissions; it just seems
to negate the benefits of granular security permissions.

#3

MS does this for some assemblies because they weren't absolutely certain
that the code in that assembly couldn't be exploited and weren't willing to
gamble with your security. They required full trust. This is part of that
whole "secure by default" and "reduce the attack surface" security coding
mantra.

If it makes you feel better, they put a lot of effort into vetting a bunch
of assemblies that didn't have APTCA set in 1.1 and added it in 2.0 to make
this easier to deal with.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Keith Patrick" <richard_keith_patrick (AT) nospam (DOT) hotmail.com> wrote

Quote:

Ah, according to http://msdn2.microsoft.com/en-us/library/aa302328.aspx ,
the class itself is unusable by partially-trusted assemblies. I
absolutely HATE this restriction, as I've run into it before, and it's as
if your code is being crippled for trying to run with minimal permissions;
it just seems to negate the benefits of granular security permissions.

#4

You can use this technique in the future to easiliy figure out which permissions
are missing:

http://www.leastprivilege.com/Viewin...xceptions.aspx

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Quote:

I'm trying to create an instance of
System.Web.Services.Description.ServiceDescription Importer (in .Net
1.1) in
an assembly that refuses all permissions and then requests the
individual
ones it needs. Problem is, when I do this, I get a security demand as
soon
as I call the method that contains a call to the constructor for
ServiceDescriptionImporter. When I look in the exception, the
RefusedSet
property is null, so I have no idea which permission it needs. Only
one I
see in the constructor for it are the ones to call
Activator.CreateInstance,
and there are no documented permissions for either the 1.1 or 2.0
version of
the class.
Anyone know what permissions the ctor needs or how I can get an
exception
that actually shows the refused permissionset?

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Determing security demand for ServiceDescriptionImporter()

Dotnet Security microsoft.public.dotnet.security

Determing security demand for ServiceDescriptionImporter() - 02-21-2007 , 04:34 PM

Re: Determing security demand for ServiceDescriptionImporter() - 02-21-2007 , 04:48 PM

Re: Determing security demand for ServiceDescriptionImporter() - 02-21-2007 , 06:04 PM

Re: Determing security demand for ServiceDescriptionImporter() - 02-22-2007 , 03:11 AM