.NET Application Security

Andy Bates · Oct 25, 2004

Hi -

I have developed a .NET WinForms application and will be looking to write an
installer shortly. I'm a bit concerned regarding security.

If the application is installed to the local harddisk, then I don't see a
problem as that will inherit full trust; but if the user installs the
application to a network drive then I envisage that the default rights will
prevent the application from running.

What should I do in the installer in order to ensure that the user has the
correct rights in order to run the application from where they install it?
The users will not be technical and will expect the application to just run.

The application will require access to:

1. Microsoft Access database.
2. Files on the installed drive (full access) (either local or network).
3. Third party ActiveX components installed by the application.
4. Possibly access to the registry.

TIA

- Andy

Guest · Oct 26, 2004

Other than telling people not to install it to the network, there's not a lot
you can do... at the end of the day, you should only support network
installations that are designed as such.

Sami Vaaraniemi · Oct 26, 2004

You could have your installer modify the security policy as needed. For
example: create a new code group, set its membership condition to your
application's strong name, and give this code group appropriate permissions.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnforms/html/winforms11122002.asp
shows how to do this. The article talks about web-deployed applications but
it is equally applicable to an application deployed on a network share.

Regards,
Sami

Nick Malik · Oct 26, 2004

You can always create a custom installer class that will pop up a message if
the user installs the application on a networked drive instead of the local
hard drive.

This article could help: http://www.devx.com/dotnet/Article/20849/0/page/1

This is less of a problem than you think... most of your "less technical"
users accept the default install options. Only the ones who know just
enough to be truly dangerous (less than 5%) will change the install location
but not understand that doing so can mess with the ability of the app to
run.

HTH,
--- Nick

Adjust code access security rights programmaticly or through script?	1	Oct 24, 2003
Application does not start from network folder	11	Jul 30, 2008
Application Domain	1	May 16, 2010
Winforms security	5	Jul 16, 2008
.NET application deployment questions	0	Oct 5, 2013
Winforms application not running on W2000	2	Sep 22, 2005
Running app from network drive	4	Aug 10, 2007
IWshRuntimeLibrary	2	Nov 28, 2009

.NET Application Security

Andy Bates

Guest

Sami Vaaraniemi

Nick Malik

Ask a Question

Similar Threads