Geek Answers Handbook

Get current / active .NET application security zone?

I have an application that behaves strangely and just for verification, I would like to see in which security zone it is currently working.

I found the System.Security.SecurityZone enumeration, but cannot find anything that will return from which I am running.

Does anyone have any tips?

Basically I want to find out if my application works on MyComputer, Intranet, Internet, Untrusted, Trusted, etc.

Edit: Here is a small test application that I wrote to find this code, thanks @blowdart .

using System; using System.Reflection; namespace zone_check { class Program { static void Main(string[] args) { Console.WriteLine(".NET version: " + Environment.Version); foreach (Object ev in Assembly.GetExecutingAssembly().Evidence) { if (ev is System.Security.Policy.Zone) { System.Security.Policy.Zone zone = (System.Security.Policy.Zone)ev; Console.WriteLine("Security zone: " + zone.SecurityZone); break; } } } } }
+6
security c # cas
source share
3 answers

You need to look at the CAS evidence for the current build;

this.GetType (). Assembly.Evidence

Assembly.Evidence is a property of the Evidence object. From this, you can list the evidence and look for the zone that appears as the <System.Security.Policy.Zone> element.

+6
source share

In .NET 3.5, you can simplify your code with LINQ:

 Zone z = a.Evidence.OfType<Zone>().First();

From .NET 4.0, you have the convenient GetHostEvidence method:

 Zone z = Assembly.GetExecutingAssembly().Evidence.GetHostEvidence<Zone>();

Note that .NET 4.0 derives from evidence classes from the EvidenceBase base class.

NTN, György

+3
source share

You can also use

 Evidence e = Thread.CurrentThread.GetType().Assembly.Evidence;

instead

 this.GetType().Assembly.Evidence
-2
source share

More articles:


All Articles