making permissions optional

Discussion in 'ASP .Net Security' started by David Thielen, Nov 20, 2006.

  1. Hi;

    I have the following method:
    public static InputStream loadResource(String filename, int location)
    throws IOException
    {

    if ((filename == null) || (filename.length() == 0))
    return null;

    if ((location & (THREAD | APP_CLASS | SYSTEM_CLASS)) != 0)
    {
    System.IO.Stream stream =
    Class.ToType(SystemWrapper.class).get_Assembly().GetManifestResourceStream(filename);
    if (stream != null)
    return new JavaInputStream(stream);
    }

    // file
    if ((location & FILE) != 0) {
    File file = new File(filename);
    if (file.exists()) {
    if (log.isInfoEnabled())
    log.info("Loading resource file: " + new
    File(filename).getAbsolutePath());
    return new FileInputStream(file);
    }
    }

    // url last
    if ((location & URL) != 0) {
    try {
    URL url = new URL(filename);
    if (log.isInfoEnabled())
    log.info("Loading resource file: " + new
    File(filename).getAbsolutePath());
    return url.openStream();
    } catch (MalformedURLException mue) {
    // nothing
    }
    }

    return null;
    }

    And it's permissions demanded are:
    <Method Sig="class InputStream loadResource(string , int )">
    <Demand>
    <PermissionSet version="1"
    class="System.Security.PermissionSet">
    <IPermission version="1"
    class="System.Security.Permissions.EnvironmentPermission, mscorlib,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    Read="UserName" />
    <IPermission version="1"
    class="System.Security.Permissions.FileIOPermission, mscorlib,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    Unrestricted="true" />
    <IPermission version="1"
    class="System.Security.Permissions.ReflectionPermission, mscorlib,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    Flags="MemberAccess" />
    <IPermission version="1"
    class="System.Security.Permissions.RegistryPermission, mscorlib,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    Unrestricted="true" />
    <IPermission version="1"
    class="System.Security.Permissions.SecurityPermission, mscorlib,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    Flags="UnmanagedCode, ControlThread, ControlEvidence" />
    <IPermission version="1"
    class="System.Security.Permissions.KeyContainerPermission, mscorlib,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
    Unrestricted="true" />
    </PermissionSet>
    </Demand>
    <Sandbox>
    <PermissionSet version="1"
    class="System.Security.PermissionSet" Unrestricted="true" />
    </Sandbox>
    </Method>

    However, all of the above permissions are not required to run our program.
    In most cases the GetManifestResourceStream is the only part used. How do I
    set this to say that these requests are optional not required?

    I hope it's not having to go set permissions on each method throughout our
    code because that would take weeks.

    --
    thanks - dave
    david_at_windward_dot_net
    http://www.windwardreports.com

    Cubicle Wars - http://www.windwardreports.com/film.htm
     
    David Thielen, Nov 20, 2006
    #1
    1. Advertisements

  2. Hi Dave,

    The Permission Calculator Tool calculates the minimum permission set
    required to run an application by examining all applicable code paths of
    all application assemblies and dependency assemblies:

    #Permission Calculator Tool (Permcalc.exe)
    http://msdn2.microsoft.com/en-us/library/ms165077(VS.80).aspx
    Starting from the entry point of the application, the tool traces all code
    paths through all application assemblies and the shared and system
    libraries called from the application. The tool maintains a simulated call
    stack that contains all the assemblies involved in the code path trace. On
    every code path trace, the tool checks for the presence of declarative
    demands, link demands, and declarative stack walk modifiers.


    If you use Reflector to view J# Assembly.GetManifestResourceStream(), you
    will find one of its called function has unsafe signature:

    internal virtual unsafe Stream GetManifestResourceStream(string name, ref
    StackCrawlMark stackMark, bool skipSecurityCheck)


    The resulting permission set is calculated using the all code paths. That's
    why you're seeing some permission sets that are never used in your code
    directly.


    If your Web application contains code that requires more permissions than
    are granted by a particular ASP.NET trust level, the easiest option is
    customizing a policy file to grant the additional code access security
    permission to your Web application. You can either modify an existing
    policy file and grant additional permissions or create a new one based on
    an existing policy file.

    Another approach that does not require an update to ASP.NET code access
    security policy is wrapping your resource access code in its own wrapper
    assembly and configuring machine-level code access security policy to grant
    the specific assembly the appropriate permission. Then you can sandbox the
    higher-privileged code using the CodeAccessPermission.Assert method so you
    do not have to change the overall permission grant of the Web application.
    The Assert method prevents the security demand issued by the resource
    access code from propagating back up the call stack beyond the boundaries
    of the wrapper assembly.

    For more information about above two different approaches, please refer to
    following article:

    #Using Code Access Security with ASP.NET
    http://msdn2.microsoft.com/en-us/library/aa302425.aspx


    Sincerely,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    ications. If you are using Outlook Express, please make sure you clear the
    check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
    promptly.

    Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
    where an initial response from the community or a Microsoft Support
    Engineer within 1 business day is acceptable. Please note that each follow
    up response may take approximately 2 business days as the support
    professional working with you may need further investigation to reach the
    most efficient resolution. The offering is not appropriate for situations
    that require urgent, real-time or phone-based interactions or complex
    project analysis and dump analysis issues. Issues of this nature are best
    handled working with a dedicated Microsoft Support Engineer by contacting
    Microsoft Customer Support Services (CSS) at
    http://msdn.microsoft.com/subscriptions/support/default.aspx.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Nov 21, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.