Environment and Permissions

  • Thread starter: John Bowman

John Bowman

Hi All,

I've got a simple wrapper static test method on a class to expand the
environment variables on a specified string:

public static string ExpandEnvironmentStr(string Str)
{
    return Environment.ExpandEnvironmentVariables(Str);
}

For some apparently security related reason it crashes with the following
exception:

An unhandled exception of type 'System.Security.SecurityException' occurred
in mscorlib.dll

Additional information: Request for the permission of type
System.Security.Permissions.EnvironmentPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.


Being a security newbie I just can't figure out from the MS docs what this
means and how to use the EnvironmentPermission to fix it. The docs only
confused me completely. All I need to do is be able to read stuff from the
Environment class (expanding variables and retrieving special folders,
etc.). All the MS docs' examples say something like this... which doesn't
help me at all. I need to know HOW to keep it secure.

// <-- Keep this information secure! -->

Do I need some kind of assembly permission attribute in the AssemblyInfo.cs
file or some kind of attribute on this method? If so, what? Can someone
please explain this to me and give me a working example? I'm baffled.

Many thanks in advance,
 
Assuming you are running from a file share / Intranet site, the Code Access
Security (CAS) settings only allow you to read the USERNAME environment
variable and nothing else. If you copy the program locally you should be
able to have the program execute normally. This is because non-local code is
given fewer permissions than local code.

However, assuming you actually need to be able to run from the non-local
machine you need to adjust CAS policy in some way to give extra permissions
to this site or assembly. There are a couple of ways to do this.

CAS assigns permissions based on the information about the executing code
(like its origin in terms of where it is running from or who authored it);
this information is called Evidence.

The CAS policy on a machine performs tests on this evidence and assigns
groups of permissions (called Permission Sets) based on the code passing
this test. The mapping of a test of evidence to a permission set is called a
code group. You can see all of this policy configuration in the .NET
configuration utility (mscorcfg.msc) under the Runtime Security Policy
section.

The basic configuration is principally based on IE Zone (LocalMachine,
Intranet, Internet, etc). Your code is executing from the Intranet so you
need to add a code group under the Local Intranet codegroup. Make a test of
evidence based on the site, URL or strong name of your assembly and map it to
a permission set that will grant your code the rights it needs. You could
create a custom one that grants unrestricted access to the environment block
but you could set it to FullTrust for now. A custom one is better as it
means your code only has access to the things it needs to do (principle of
least privilege).

Regards

Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
 
Richard,

Thanks for the explanations, it is a start in my learning curve. But I've
got nothing to do with the Internet for this program. It will ONLY be
installed and executed locally. This is even currently on a development
system where I've got Admin privileges for the sake of testing/debugging.
Furthermore, when I use the "Evaluate Assembly" tool under the .NET 1.1
Configuration tool, it claims my assembly gets "Unrestricted" permissions.
So I still don't have a clue as to how to properly code this. I've used
Environment.GetFolderPath() and Environment.NewLine, etc. before and never
had a problem.

Any more help?

John
 
Hmmm - so the evaluate assembly tool says you have fulltrust? Then it should
work.

Create a console app with the following code in it and make sure that
executes correctly, then copy it to the same place as the app you are trying
to run and try it there

using System;

class Program
{
    static void Main(string[] args)
    {
        Console.WriteLine(Environment.ExpandEnvironmentVariables("%windir%"));
    }
}

Regards

Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
 
Oh, and admin privilege is nothing to do with CAS. CAS layers on top of
windows security and can provide extra restrictions based on the evidence
(it can't however extend permissions not granted by windows security)

Regards

Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
 
Richard,

Thanks again for the additional assistance. The test app works perfectly,
even in the same location as the real app. When I copy your line:

Console.WriteLine(Environment.ExpandEnvironmentVariables("%windir%"));

into my code to replace my existing function. It crashes just like my code.

Any other ideas?

John
 
How is your code being loaded - are you a plug-in or something like that?
There is obviously something fundamentally different about the .exe I sent
and how your code executes - can you give us some more detail about what
your application does?

Regards

Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
 
Richard,

Thanks again for continuing to try and help me out. Basically, it's an
installer launcher. It figures out what installers are on the media and then
launches them in succession. Nothing really fancy. The
Environment.ExpandVariables method is used whenever a folder spec is
retrieved from various places (such as the registry or ini file) to make
certain that any environment strings embedded in the retrieved value are
properly expanded. This same routine worked fine in another one of my apps.
Then I just lifted the code (such as it is <g>) and put it in here and now
it refuses to cooperate.

John
 
Richard,

Thanks again for continuing trying to help me out. Basically, the program is
an installer launcher. It figures out what MSI based installers are present
on the media and runs them - nothing really fancy. It uses the
Environment.ExpandVariables method to make certain that any folder spec
strings retrieved from ini or registry are properly expanded before the
program makes any use of them. I had this code in another program and simply
lifted it for this one and now it doesn't work.

John
 
Sorry about the accidental double posts...

John

 
So John, I'm struggling a bit here as the way your code is getting executed
does not appear to be the same as you double clicking on a normal .exe.

Do you have something like

[assembly: PermissionSet(SecurityAction.RequestMinimum, Name = "Internet")]
[assembly: PermissionSet(SecurityAction.RequestOptional, Name = "Intranet")]

on the assembly?

What causes your code to run - the user starting the program explicitly or
something else?

Regards

Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
 
Richard,

The program is started by someone double clicking on the .EXE like any
other. It will reside on the local hard drive, or a CD or a DVD. Since it's
an installer launcher and is used for launching both MSI installers and MSI
patches, it's possible that it might be downloaded as part of a software
update/patch, then executed. But it will not be run over the internet.
Someone might place it onto a shared network location where multiple users
can double click on it.

Also, I do not have any PermissionSets on the assembly. Didn't know I
needed them. Do I need any kind of EnvironmentPermission attribute or
something that I saw in the MS docs? When it comes to this stuff I'm a
complete newbie.

Thanks again.

John
 
Richard,

I copied your PermissionSet lines into my AssemblyInfo.cs and now at compile
time it complains:

Assembly generation failed -- Unexpected exception processing attribute --
System.ArgumentException: Unable to generate permission set; input XML may
be malformed.

What on Earth is it saying? What XML? Aside from the framework itself this
is a completely stand alone .EXE. Also, what are the allowed values for the
Name value string?

John

 
John,

I wasn't saying you *should* have them, it was a possibility as to why your
code was failing. When you add a RequestMinimum and RequestOptional then
anything outside of that union is implicitly refused. If you had this type of
thing in your assembly it would explain why the "evaluate assembly" said
fulltrust and yet the code wasn't running with it.

Regards

Richard Blewett - DevelopMentor
http://www.dotnetconsult.co.uk/weblog
http://www.dotnetconsult.co.uk
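
A diagnostic for the situation discussed in this thread, as an added example that is not code from either poster: it prints the assembly's evidence, resolves the permission set that policy maps that evidence to (the evidence, code group and permission set chain from the first reply), shows how a RequestMinimum/RequestOptional pair narrows that grant (the point of the last reply), and compares both with what the running assembly was actually granted. The class and helper names and the constructed request sets are assumptions; it assumes .NET Framework 1.1 to 3.5, where CAS policy is enforced.

```csharp
using System;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;

// Added example; assumes .NET Framework 1.1-3.5, where CAS policy is enforced.
class CasGrantCheck
{
    // True when 'granted' contains everything 'needed' asks for.
    static bool Covers(PermissionSet granted, IPermission needed)
    {
        PermissionSet ask = new PermissionSet(PermissionState.None);
        ask.AddPermission(needed);
        return ask.IsSubsetOf(granted);
    }

    // Policy grant narrowed by assembly-level requests:
    // policy INTERSECT (RequestMinimum UNION RequestOptional). RequestRefuse is not modelled.
    static PermissionSet AfterRequests(PermissionSet policy, PermissionSet minimum, PermissionSet optional)
    {
        PermissionSet result = policy.Intersect(minimum.Union(optional));
        // Intersect returns null when the intersection is empty.
        return result != null ? result : new PermissionSet(PermissionState.None);
    }

    static void Main()
    {
        IPermission readWindir = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "windir");
        try
        {
            Assembly asm = Assembly.GetExecutingAssembly();

            // 1. Evidence: where the code was loaded from.
            foreach (object item in asm.Evidence)
            {
                if (item is Zone) Console.WriteLine("Zone evidence: " + ((Zone)item).SecurityZone);
                if (item is Url) Console.WriteLine("Url evidence:  " + ((Url)item).Value);
            }

            // 2. Permission set that the code groups map this evidence to.
            PermissionSet policy = SecurityManager.ResolvePolicy(asm.Evidence);
            Console.WriteLine("Policy unrestricted:      " + policy.IsUnrestricted());
            Console.WriteLine("Policy covers %windir%:   " + Covers(policy, readWindir));

            // 3. Constructed requests: minimum = permission to run, optional = read USERNAME only.
            PermissionSet minimum = new PermissionSet(PermissionState.None);
            minimum.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
            PermissionSet optional = new PermissionSet(PermissionState.None);
            optional.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
            PermissionSet narrowed = AfterRequests(policy, minimum, optional);
            Console.WriteLine("Narrowed covers %windir%: " + Covers(narrowed, readWindir));
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("Cannot inspect policy from this trust level: " + ex.Message);
        }

        // 4. What this assembly was actually granted, then the real call.
        Console.WriteLine("Granted read of %windir%: " + SecurityManager.IsGranted(readWindir));
        try
        {
            Console.WriteLine(Environment.ExpandEnvironmentVariables("%windir%"));
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("Demand failed for " + ex.PermissionType);
        }
    }
}
```

If step 2 reports an unrestricted policy grant while step 4 reports the permission as not granted, the difference comes from something that narrows the grant after policy evaluation, such as assembly-level permission requests.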
 
