FileIOException, Need help please

Discussion in 'ASP .Net Security' started by Moe, May 12, 2005.

  1. Moe

    Moe Guest

    I have a winForm control that contains an openFileDialog.
    I am using this control in a webForm by enbedding it using an <object> tag.
    I need to access some information about the file on the client.
    I strongly named my control assembly .
    I created a machine level permission set, and assigned FileDialog, FileIO
    and User interface permission.
    I created a code group under all_Code, associated my assembly's strong name
    to that group and assigned the permission set i created previously.

    I also added the following attributes to my assembly:
    [assembly:AllowPartiallyTrustedCallers]
    [assembly: FileDialogPermission(SecurityAction.RequestMinimum, Unrestricted
    = true)]
    [assembly: UIPermission(SecurityAction.RequestMinimum, Unrestricted = true)]
    [assembly: FileIOPermission(SecurityAction.RequestMinimum, Unrestricted =
    true)]


    I am having a file IO Exception while trying to retreive the FileName
    property of the openFileDialog.

    Any help will be very appreciate it.

    Thanks!
     
    Moe, May 12, 2005
    #1
    1. Advertising

  2. "Moe" <> wrote in message
    news:...
    >I have a winForm control that contains an openFileDialog.
    > I am using this control in a webForm by enbedding it using an <object>
    > tag.
    > I need to access some information about the file on the client.
    > I strongly named my control assembly .
    > I created a machine level permission set, and assigned FileDialog, FileIO
    > and User interface permission.
    > I created a code group under all_Code, associated my assembly's strong
    > name
    > to that group and assigned the permission set i created previously.


    Not a great idea. It would be better to add the new group under the
    appropriate zone group (usually intranet) in order to minimize the potential
    impact of a compromise of your signing key.


    > I also added the following attributes to my assembly:
    > [assembly:AllowPartiallyTrustedCallers]
    > [assembly: FileDialogPermission(SecurityAction.RequestMinimum,
    > Unrestricted
    > = true)]
    > [assembly: UIPermission(SecurityAction.RequestMinimum, Unrestricted =
    > true)]
    > [assembly: FileIOPermission(SecurityAction.RequestMinimum, Unrestricted =
    > true)]
    >
    >
    > I am having a file IO Exception while trying to retreive the FileName
    > property of the openFileDialog.


    It really shouldn't be getting that far. Given that you've specified a
    RequestMinimum for
    unrestricted FileIOPermission, your assembly should not run at all if this
    permission is denied. Are you sure that you're attempting to run the latest
    version of the assembly?

    That said, you'll still have a problem once you resolve the above issue
    since the IE host won't resolve your assembly's strong name until after the
    permissions grant is complete. For workarounds, see
    http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx.



    >
    > Any help will be very appreciate it.
    >
    > Thanks!
     
    Nicole Calinoiu, May 13, 2005
    #2
    1. Advertising

  3. Hello Nicole Calinoiu" calinoiu REMOVETHIS AT gmail DOT com,

    i would also suggest to not use the filename that is returned from the fileopen
    dialog but the FileStream..does not require that much permissions...

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > "Moe" <> wrote in message
    > news:...
    >
    >> I have a winForm control that contains an openFileDialog.
    >> I am using this control in a webForm by enbedding it using an
    >> <object>
    >> tag.
    >> I need to access some information about the file on the client.
    >> I strongly named my control assembly .
    >> I created a machine level permission set, and assigned FileDialog,
    >> FileIO
    >> and User interface permission.
    >> I created a code group under all_Code, associated my assembly's
    >> strong
    >> name
    >> to that group and assigned the permission set i created previously.

    > Not a great idea. It would be better to add the new group under the
    > appropriate zone group (usually intranet) in order to minimize the
    > potential impact of a compromise of your signing key.
    >
    >> I also added the following attributes to my assembly:
    >> [assembly:AllowPartiallyTrustedCallers]
    >> [assembly: FileDialogPermission(SecurityAction.RequestMinimum,
    >> Unrestricted
    >> = true)]
    >> [assembly: UIPermission(SecurityAction.RequestMinimum, Unrestricted =
    >> true)]
    >> [assembly: FileIOPermission(SecurityAction.RequestMinimum,
    >> Unrestricted =
    >> true)]
    >> I am having a file IO Exception while trying to retreive the FileName
    >> property of the openFileDialog.
    >>

    > It really shouldn't be getting that far. Given that you've specified
    > a
    > RequestMinimum for
    > unrestricted FileIOPermission, your assembly should not run at all if
    > this
    > permission is denied. Are you sure that you're attempting to run the
    > latest
    > version of the assembly?
    > That said, you'll still have a problem once you resolve the above
    > issue since the IE host won't resolve your assembly's strong name
    > until after the permissions grant is complete. For workarounds, see
    > http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx.
    >
    >> Any help will be very appreciate it.
    >>
    >> Thanks!
    >>
     
    Dominick Baier [DevelopMentor], May 14, 2005
    #3
  4. That would only work if the goal is to open the file for reading, which
    doesn't sound like the case here ("access some information about the file on
    the client" from OP). My guess is that it's probably more likely that
    FileDialogPermission can be dispensed with in this particular case rather
    than FileIOPermission. However, the assembly may also contain other
    functionality, so permissions that appear superfluous to us may actually be
    required by other code...


    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Nicole Calinoiu" calinoiu REMOVETHIS AT gmail DOT com,
    >
    > i would also suggest to not use the filename that is returned from the
    > fileopen dialog but the FileStream..does not require that much
    > permissions...
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> "Moe" <> wrote in message
    >> news:...
    >>
    >>> I have a winForm control that contains an openFileDialog.
    >>> I am using this control in a webForm by enbedding it using an
    >>> <object>
    >>> tag.
    >>> I need to access some information about the file on the client.
    >>> I strongly named my control assembly .
    >>> I created a machine level permission set, and assigned FileDialog,
    >>> FileIO
    >>> and User interface permission.
    >>> I created a code group under all_Code, associated my assembly's
    >>> strong
    >>> name
    >>> to that group and assigned the permission set i created previously.

    >> Not a great idea. It would be better to add the new group under the
    >> appropriate zone group (usually intranet) in order to minimize the
    >> potential impact of a compromise of your signing key.
    >>
    >>> I also added the following attributes to my assembly:
    >>> [assembly:AllowPartiallyTrustedCallers]
    >>> [assembly: FileDialogPermission(SecurityAction.RequestMinimum,
    >>> Unrestricted
    >>> = true)]
    >>> [assembly: UIPermission(SecurityAction.RequestMinimum, Unrestricted =
    >>> true)]
    >>> [assembly: FileIOPermission(SecurityAction.RequestMinimum,
    >>> Unrestricted =
    >>> true)]
    >>> I am having a file IO Exception while trying to retreive the FileName
    >>> property of the openFileDialog.
    >>>

    >> It really shouldn't be getting that far. Given that you've specified
    >> a
    >> RequestMinimum for
    >> unrestricted FileIOPermission, your assembly should not run at all if
    >> this
    >> permission is denied. Are you sure that you're attempting to run the
    >> latest
    >> version of the assembly?
    >> That said, you'll still have a problem once you resolve the above
    >> issue since the IE host won't resolve your assembly's strong name
    >> until after the permissions grant is complete. For workarounds, see
    >> http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx.
    >>
    >>> Any help will be very appreciate it.
    >>>
    >>> Thanks!
    >>>

    >
    >
    >
     
    Nicole Calinoiu, May 14, 2005
    #4
  5. Moe

    Moe Guest

    Thank you guys for your help.
    I apreciate it :)

    "Nicole Calinoiu" wrote:

    > That would only work if the goal is to open the file for reading, which
    > doesn't sound like the case here ("access some information about the file on
    > the client" from OP). My guess is that it's probably more likely that
    > FileDialogPermission can be dispensed with in this particular case rather
    > than FileIOPermission. However, the assembly may also contain other
    > functionality, so permissions that appear superfluous to us may actually be
    > required by other code...
    >
    >
    > "Dominick Baier [DevelopMentor]" <>
    > wrote in message news:...
    > > Hello Nicole Calinoiu" calinoiu REMOVETHIS AT gmail DOT com,
    > >
    > > i would also suggest to not use the filename that is returned from the
    > > fileopen dialog but the FileStream..does not require that much
    > > permissions...
    > >
    > > ---------------------------------------
    > > Dominick Baier - DevelopMentor
    > > http://www.leastprivilege.com
    > >
    > >> "Moe" <> wrote in message
    > >> news:...
    > >>
    > >>> I have a winForm control that contains an openFileDialog.
    > >>> I am using this control in a webForm by enbedding it using an
    > >>> <object>
    > >>> tag.
    > >>> I need to access some information about the file on the client.
    > >>> I strongly named my control assembly .
    > >>> I created a machine level permission set, and assigned FileDialog,
    > >>> FileIO
    > >>> and User interface permission.
    > >>> I created a code group under all_Code, associated my assembly's
    > >>> strong
    > >>> name
    > >>> to that group and assigned the permission set i created previously.
    > >> Not a great idea. It would be better to add the new group under the
    > >> appropriate zone group (usually intranet) in order to minimize the
    > >> potential impact of a compromise of your signing key.
    > >>
    > >>> I also added the following attributes to my assembly:
    > >>> [assembly:AllowPartiallyTrustedCallers]
    > >>> [assembly: FileDialogPermission(SecurityAction.RequestMinimum,
    > >>> Unrestricted
    > >>> = true)]
    > >>> [assembly: UIPermission(SecurityAction.RequestMinimum, Unrestricted =
    > >>> true)]
    > >>> [assembly: FileIOPermission(SecurityAction.RequestMinimum,
    > >>> Unrestricted =
    > >>> true)]
    > >>> I am having a file IO Exception while trying to retreive the FileName
    > >>> property of the openFileDialog.
    > >>>
    > >> It really shouldn't be getting that far. Given that you've specified
    > >> a
    > >> RequestMinimum for
    > >> unrestricted FileIOPermission, your assembly should not run at all if
    > >> this
    > >> permission is denied. Are you sure that you're attempting to run the
    > >> latest
    > >> version of the assembly?
    > >> That said, you'll still have a problem once you resolve the above
    > >> issue since the IE host won't resolve your assembly's strong name
    > >> until after the permissions grant is complete. For workarounds, see
    > >> http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx.
    > >>
    > >>> Any help will be very appreciate it.
    > >>>
    > >>> Thanks!
    > >>>

    > >
    > >
    > >

    >
    >
    >
     
    Moe, May 15, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. TN Bella
    Replies:
    1
    Views:
    2,478
    Edward
    Jun 18, 2004
  2. Replies:
    4
    Views:
    526
    Chris Uppal
    May 5, 2005
  3. KK
    Replies:
    2
    Views:
    601
    Big Brian
    Oct 14, 2003
  4. MuZZy
    Replies:
    7
    Views:
    1,774
    Mike Hewson
    Jan 7, 2005
  5. mera
    Replies:
    7
    Views:
    1,114
Loading...

Share This Page