.NET Security

[Mike]

I'm not quite getting the security of .NET. Maybe someone can give the
basic issue here so I can see the patten and better understand it with
the written docs.

For now, until I understand what is going on I would like to remove it
to get full control of my RPC client/server framework which is already
secured in its own rights and installed by corporate operators in
secured computer rooms environments. I need to get the package
running as always.

In short, the clients, are .NET applications using our new .NET SDK
class library DLL. The package can be installed on local machines,
computer rooms on networks so I really need to get control of this.

What I have is an exe and dll

Wildcat.net.server.dll <-- our .NET SDK API DLL
BSMiniRPT.exe <-- SDK example

I copied these from my local D: drive to my network shared G: drive
and tried to run it. I get the report below. I also tried to do what
I though would remove the security from the compiled EXE and I still
get the report below.

What is it exactly do I need to look for to begin testing the .net
work with field testers who have no restrictions where they install
our server and/or run the client applications?

************** Exception Text **************
System.Security.SecurityException: Request for the permission of type
'System.Security.Permissions.EnvironmentPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Object demand,
StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Environment.GetCommandLineArgs()
at BSMiniRPT.frmMain.frmMain_Load(Object eventSender, EventArgs
eventArgs)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Windows.Forms.Form.OnLoad(EventArgs e)
at System.Windows.Forms.Form.OnCreateControl()
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl()
at System.Windows.Forms.Control.WmShowWindow(Message& m)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
at System.Windows.Forms.ContainerControl.WndProc(Message& m)
at System.Windows.Forms.Form.WmShowWindow(Message& m)
at System.Windows.Forms.Form.WndProc(Message& m)
at
System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at
System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32
msg, IntPtr wparam, IntPtr lparam)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.EnvironmentPermission
The Zone of the assembly that failed was:
Intranet


************** Loaded Assemblies **************
mscorlib
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
BSMiniRPT
Assembly Version: 1.0.1.0
Win32 Version: 1.0.1.0
CodeBase: file:///G:/wc7beta/BSMiniRPT.exe
----------------------------------------
Microsoft.VisualBasic
Assembly Version: 8.0.0.0
Win32 Version: 8.0.50727.42 (RTM.050727-4200)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/Microsoft.VisualBasic/8.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll
----------------------------------------
System
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Windows.Forms
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Configuration
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
System.Runtime.Remoting
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.832 (QFE.050727-8300)
CodeBase:
file:///F:/WINDOWS/assembly/GAC_MSIL/System.Runtime.Remoting/2.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll

 

[Mike]

I could really use some .NET real world insight here from experienced
VB.NET people here.

I found the utility CASPOL.EXE and noticed if I do:

start caspol -s off

then I can run the EXE/DLL without the security from a remove drive.

Off hand, I would ask:

How do I do this programmatically?

but even if possible (allowed), that is probably not a good idea
without fully understanding the logic.

Is this where I need to "create a manifest" or something that bundles
my security exclusions with the DLL or EXE?

Do I need to sign the DLL and will that cover the sub-assemblies it
references? e.g.; mscorlib.dll?


--

 

[Jack Jackson]

I could really use some .NET real world insight here from experienced
VB.NET people here.

I found the utility CASPOL.EXE and noticed if I do:

start caspol -s off

then I can run the EXE/DLL without the security from a remove drive.

Off hand, I would ask:

How do I do this programmatically?

but even if possible (allowed), that is probably not a good idea
without fully understanding the logic.

Is this where I need to "create a manifest" or something that bundles
my security exclusions with the DLL or EXE?

Do I need to sign the DLL and will that cover the sub-assemblies it
references? e.g.; mscorlib.dll?

As far as I know your two choices are:
1. Run caspol on each workstation, which changes the security for
everything on the share, not just your program. I do not know other
implications of this.
2. Install .NET 3.5 SP1. Your app does not have to target 3.5, this
service pack changes the security rules for all 2.0 and higher apps to
allow them to run from network shares.

 

[Mike]

As far as I know your two choices are:
1. Run caspol on each workstation, which changes the security for
everything on the share, not just your program. I do not know other
implications of this.

2. Install .NET 3.5 SP1. Your app does not have to target 3.5, this
service pack changes the security rules for all 2.0 and higher apps to
allow them to run from network shares.

Does it relax it? I might have heard wrong, but for VS 2010,
Microsoft has reverted or done something so that this isn't so
unpredictable or the developer has more precise control. Not sure
since I am catching up to all this. I'll read up more on the security
rules patch. This comment in MSDN was very puzzling and concerning:

Partial Trust

...

What is not allowed in partial trust? That is not easy to
determine. Each class and each method of each class in the .NET
Framework has a security attribute that defines the level of
trust needed to run that method, and that attribute may not be
accessible at run time because of just these security features.

I hope MS makes this a non-issue to help minimize any exploitation
caused by the frustrations of developers and users lowering their
guards because they can't get anything done or isn't straight forward
- my security hat opinion.

What I did just now was to use MSCORCFG.MSC to alter the local
intranet setting. This change will be great for internal
development and testing but of course, I can't tell customers to do
this. So I would like to be able to sandbox our own customer trusted
apps.

The problem seems to be that while I can change the permission for the
EXE and our DLL, I haven't figure out how to change all the
dependencies (the partial trust issue above).

I did see I can create my own Code Group but have not seen yet how to
apply it to the applications and dll, i.e, how do you assign it to
the application or assembly? This appears as the sandbox solution I
need to figure out.

This MSDN C# example on how to System.Security.Permissions
programmatically did not work for me:

http://msdn.microsoft.com/en-us/lib...aspx#vcwlksecuritytutorialsuppressingsecurity

until I added full trust to the Local Intranet setting via
MSCORCFG.MSC which of course, made those commands useless.

It seems to be a chicken and egg thing. You need to start an
application on a local drive, then change the permission and change
directory to a shared drive and continue the process.

Thanks for your input.

--

 

[Mike]

Jack, these links are proving to be useful:

The Simple Sandboxing API
http://blogs.msdn.com/shawnfa/archive/2005/08/08/449050.aspx

And I haven't read it all yet, but 4.0 supposedly makes all is work
like native code one again with the EXE controlling what security is
used.

So it seems like we are coming to a full circle.

--

 

[Cor Ligthert[MVP]]

Mike,

The most important item in the days Net version 2.0 was released was
"security".

It is done almost completely in the attributes of the classes and some
things you can do in real code.

Not the most pleasant thing to do and therefore not a subject most people
want to reply on in newsgroups in forums

But there is a special newsgroup around security.

Cor

 

[Mike]

Mike,

The most important item in the days Net version 2.0 was released was
"security".

It is done almost completely in the attributes of the classes and some
things you can do in real code.

Yes, been catching up with the reading. Even even more changing is on
the horizon.

Not the most pleasant thing to do and therefore not a subject most
people want to reply on in newsgroups in forums

This .NET security design evolution from 1.0 to present seems to be a
classic case of Engineering SWAGGING (Scientific Wild Ass Guessing) -
WOW!

But there is a special newsgroup around security.

Yes, just subscribed to it. Thanks for the reminder.

--

 

[Mike]

Jack, just wish to pass on a note for the archives, that updating to
..NET SP2 resolved this intranet security load issue.

Thanks again for your input.