Application Security Code Access sequrity(CAS)

[Tony Johansson]

Hi!

I'm reading a book from Microsoft Press (Exam 70-536) and it says the
following
"Exam Tip: For the exam, remember that CAS is significant only for partially
trusted assemblies.
The runtime completely ignores CAS declarations for fully trusted
assemblies."

Bolow is an example from the book and here I use some CAS declarations as
you can see.
Now what I don't understand is the last sentence which says "The runtime
completely ignores CAS declarations for fully trusted assemblies"
I mean my assemblies are fully trusted because they run in code group
My_Computer_Zone and that has permission Set FullTrust but even though this
example program will cause securityexception unhandled.

So I can't understand this on the one hand the book says
The runtime completely ignores CAS declarations for fully trusted
assemblies.
and my program is FullyTrusted so accoding to the book is should ignore CAS
declarations but
the program doesn't ignore the CAS declaration because I get
securityexception unhandled.

There must be something that I miss here because I don't thing the book is
wrong.

using System;
using System.IO;
using System.Security.Permissions;
[assembly:UIPermission(SecurityAction.RequestMinimum,Unrestricted=true)]
[assembly:FileIOPermission(SecurityAction.RequestOptional,Read = @"C:\")]


class Program
{
static void Main(string[] args)
{
// Create a file
TextWriter tw = new StreamWriter(@"C:\Hello.txt");
tw.WriteLine("Hello, world!");
tw.Close();

// Display the text of the file
TextReader tr = new StreamReader(@"C:\Hello.txt");
Console.WriteLine(tr.ReadToEnd());
tr.Close();
}
}

 

[Patrice]

IMO what they mean is that if an assembly is fully trusted, there is no
point in checking a particular permission as you already know it has all of
them. So you can skip this check. AFAIK this is quite a frequent pattern
(for example when logged as an admin in SQL Server, I believe that security
checks are skipped).

Of course, even if the assembly is fully trusted, it still can't write
anywhere on disk regardless of the OS security so you can still get
securityexception (here c:\ is not writable under a non admin account)...

 

[Tony Johansson]

IMO what they mean is that if an assembly is fully trusted, there is no
point in checking a particular permission as you already know it has all
of them. So you can skip this check. AFAIK this is quite a frequent
pattern (for example when logged as an admin in SQL Server, I believe that
security checks are skipped).

Of course, even if the assembly is fully trusted, it still can't write
anywhere on disk regardless of the OS security so you can still get
securityexception (here c:\ is not writable under a non admin account)...

What do you mean by this
"Of course, even if the assembly is fully trusted, it still can't write
anywhere on disk regardless of the OS security so you can still get
securityexception (here c:\ is not writable under a non admin account)..."


I mean in my example I get securityexception but still the book said The
runtime completely ignores CAS declarations for fully trusted assemblies. So
in some way the book has wrong.
I was logged in as admin and the assembly was fully trusted.

//Tony

 

[Patrice]

I was logged in as admin and the assembly was fully trusted.

Sorry I was to quick at reading and thought it was because of a denied
access to this file that actually throws an UnauthorizedAccessException. For
clarity, its likely best to quote the whole exception message even if my
fault ;-) Sorry again.

I gave it a closer look. From the documentation it seems that
RequestOptional implicity refuses all other permissions. So your fulltrust
assembly is not fully trusted any more.

So IMO the book is not entirely correct that is rather CAS declarations
ASKING for a permissions are ignored as the assembly has already fulltrust.
CAS declarations REFUSING a permission (explicitely or implicitely) are not
ignored.

Also note that CAS changed in 4.0. So unless this is for a 3.51 exam, it
would be better to check how CAS works in NET 4.0 that is now out...