How to specify security access for assembly running in ASP.NET

[Shimon Sim]

How to specify security access for assembly running in ASP.NET?

FxCop requests it always and I always ignore it. I am thinking that this is
good thing to know how to do.

I usually need the same rights that asp.net process has. The dll needs to
write some files under directory - usually but some times not.

Thank

Shimon

 

[Steven Cheng[MSFT]]

Hi Shimon,

Welcome to the MSDN newsgroup.

As for the security access setting for .net assembly in ASP.NET web
application, it is divided into two parts:

1. By default, the .NET Code Access security (CAS) setting for ASP.NET
application is at "Full" trust level, so there is not limit for .net
security restriction on the managed code executing in ASP.NET applcation.
What we need to take care of is the raw windows OS level security. This
concern with the ASP.NET's process identity (or the impersonated account)
with those protected resource our ASP.NET application will access(such as
eventlog, registry, filesystem....).

2. Also, we can apply .net's code access security setting (policy) for the
code, assembly in our ASP.NET web application. This security is configured
and checked within the .net managed runtime, independent of the operating
system's security. Here are some msdn reference on applying .net CAS to
ASP.NET web application:

#Chapter 9 ¨C Using Code Access Security with ASP.NET
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/THCMCh09.asp

#How To: Use Code Access Security in ASP.NET 2.0
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html
/paght000017.asp

Hope this helps.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)