Geek Answers Handbook

Confirmation Permissions in C #

I am busy trying to understand security things in C # and I am struggling to understand how Assert works. I am using .net 3.5.

I made an example application to try to figure this out.

Call Method:

[FileIOPermission(SecurityAction.Deny, ViewAndModify = @"C:\")] static void Main(string[] args) { WriteTest testWriter = new WriteTest(); testWriter.Test(); Console.Read(); }

In a separate class library, I have:

 public class WriteTest { public void Test() { try { FileIOPermission permission = new FileIOPermission(FileIOPermissionAccess.Write, @"C:\"); permission.Assert(); using (StreamWriter sw = new StreamWriter(@"C:\test.txt")) { sw.WriteLine("testing!"); sw.Flush(); } Console.WriteLine("Writen to file!"); } catch (SecurityException sec) { Console.WriteLine("No privileges!"); } } }

This code does everything and everything. He will write a file. My question is how exactly does this work? Does this invalidate security classes if I can simply approve the permissions that I want them to pass checks? If I change Assert to Demand, it throws an exception.

Is the clause of security classes not allowing me to set permissions so that when I call a third-party class, I can prevent it from expelling and doing things that I do not want to do? I know that if I load a dll in AppDomain, I will get this effect, even if a third-party DLL uses Assert, it seems strange that if I call it directly, it will work. I tried reading the MSDN documentation on Assert, but it is hard for me to understand.

+7
source share
2 answers

Assert() is useful when a less privileged code ("Assembly A") calls a more privileged code ("Assembly B") to perform a task. To accomplish this task, Assembly B needs to run code that requires powerful permission — permission that Assembly A can have. Therefore, Assembly B first requires a less powerful permission (permission to complete the task in the first place), and then approves a more powerful permission for actual execution tasks.

For example, suppose a partially trusted Silverlight application wants to make an HTTP request using the System.Net.WebRequest class. SocketPermission is required to establish a network connection, but this is a powerful low-level resolution that should not be provided to untrusted code from the Internet. Thus, WebRequest requires a less powerful permission, WebPermission , and then approves SocketPermission before proceeding to establish a network connection.

Now, in your specific example, Assert() overrides Deny , because the class library operates at the same privilege level as the application — both the application and the class library most likely operate under full trust. An assembly can always Assert() get any permission in its grant set. To enforce Deny in the class library, you will need to place the class library in an isolated area.

Note. . In .NET 4.0, Deny deprecated. From the MSDN Library :

Runtime support has been removed to force rejection requests, RequestMinimum, RequestOptional, and RequestRefuse. In general, these requests were not well understood and potential security vulnerabilities were presented if they were not used properly:

  • The Deny action can be easily overridden by the Assert action. The code in the assembly was able to perform the Assert action to resolve if the permission was in the collection of grants for the assembly. The assembler prevented Deny from being seen on the stack, which made him inefficient.
+3
source

The Assert() method causes code access protection (CAS) to stop walking on the stack with a specific request for rights verification.

Assert is a method that can be called to allow access to the class code and the PermissionSet class. You can use Assert to include your code (and subsequent subscribers) to perform actions that your code has permission to execute, but its callers may not have permission to execute. A security statement modifies the normal process that the runtime performs during a security audit. When you approve the permission, it tells the security system not to check the callers of your code for the stated permission.

Using the confirmation method

I think you want Demand()

Interest:

+1
source

More articles:


All Articles