W
Wendy
I have a .dll user control embedded into a web page using the <object>
tag. This control needs to access some priveleged resources such as
HTTP.
I tried this:
new WebPermission(PermissionState.Unrestricted).Assert();
proxyObject = WebProxy.GetDefaultProxy();
WebPermission.RevertAssert();
but it gave me a SecurityException.
I was looking around and tried what was suggested in this thread:
http://groups.google.com/groups?hl=...sZZw6HVDHA.2308%40TK2MSFTNGP12.phx.gbl&rnum=3
It worked great, but I don't want every person who accesses the
webpage to do all that, plus some might not have administrative access
to change the security policy.... So I tried to sign my .dll with an
Authenticode digital signature using signcode.exe and a certificate
that was purchased from Verisign. The code above gave me a
SecurityException again. I checked the Permission Sets for each group
(enterprise, machine, user) using caspol -rsg, and it was FullTrust
for Enterprise and User, but not for Machine. Machine had this:
1. All code: Nothing
1.5. Zone - Trusted: Internet
1.5.1. All code: Same site Web.
Is it possible to sign the dll in such a way that it can gain
FullTrust without the user doing anything except for maybe
accepting/declining?
Also, I did not notice a Security Warning popup when I loaded the
webpage, I'm not sure if it's because I installed the certificate
somewhere, but I looked in Certificates under Internet Options and it
wasn't there.
Thanks for any help,
Wendy
tag. This control needs to access some priveleged resources such as
HTTP.
I tried this:
new WebPermission(PermissionState.Unrestricted).Assert();
proxyObject = WebProxy.GetDefaultProxy();
WebPermission.RevertAssert();
but it gave me a SecurityException.
I was looking around and tried what was suggested in this thread:
http://groups.google.com/groups?hl=...sZZw6HVDHA.2308%40TK2MSFTNGP12.phx.gbl&rnum=3
It worked great, but I don't want every person who accesses the
webpage to do all that, plus some might not have administrative access
to change the security policy.... So I tried to sign my .dll with an
Authenticode digital signature using signcode.exe and a certificate
that was purchased from Verisign. The code above gave me a
SecurityException again. I checked the Permission Sets for each group
(enterprise, machine, user) using caspol -rsg, and it was FullTrust
for Enterprise and User, but not for Machine. Machine had this:
1. All code: Nothing
1.5. Zone - Trusted: Internet
1.5.1. All code: Same site Web.
Is it possible to sign the dll in such a way that it can gain
FullTrust without the user doing anything except for maybe
accepting/declining?
Also, I did not notice a Security Warning popup when I loaded the
webpage, I'm not sure if it's because I installed the certificate
somewhere, but I looked in Certificates under Internet Options and it
wasn't there.
Thanks for any help,
Wendy