StrongNameIdentityPermission


SteveR

I'm trying to protect my class library by using the following code

[StrongNameIdentityPermission(SecurityAction.Demand, PublicKey = "...")]

To test if this is working I wrote another application with a different
public key. When I try to call the function it still works. Why is it allowed
to call the function?
 

Dominick Baier [DevelopMentor]

IdentityPermissions are only enforced in partial trust - they are not effective
when the caller is fully trusted.

quoting http://blogs.msdn.com/eugene_bobukh/archive/2005/05/06/415217.aspx

"The bottom line is, Identity permissions Demands could not [and should not]
be used as measure of Security protection against highly privileged code.
The best they provide in Full Trust is an illusion of protection, what can
be even worse than no protection at all."
 

SteveR

I thought that was where I was going wrong. So my next question is how can I
stop a fully trusted app using my class library unless the strong name
matches my criteria?
--
Steve



Henning Krause [MVP]

You cannot effectively stop fully trusted code from doing that.

In the worst case, an attacker could decompile, modify and recompile your
assemblies and any protection whatsoever would be gone for good.

Greetings,
Henning Krause


SteveR

OK I understand the worst case but I want to stop someone simply logging in
as Administrator or using CASPOL to fully trust their app giving it access to
my class library. This is far easier for someone to do than decompiling my
code modifying it etc. So how can I ensure that the CAS checks run even when
called by a fully trusted app or with the admin logon?
--
Steve



Dominick Baier [DevelopMentor]

you could manually check the call chain - we had this discussion before...may
raise the bar...but is not watertight and gives you a false sense of security...

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
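
One way to do the manual call-chain check suggested above, shown as an added example (not code from any participant in this thread): it finds the first stack frame outside the library and compares that assembly's public key token to an expected value, failing closed when the caller cannot be identified. `CallerCheck`, `DemandExpectedCaller` and the token bytes are hypothetical placeholders; as the replies note, a check like this raises the bar but is not watertight against fully trusted code.

```csharp
using System;
using System.Diagnostics;
using System.Linq;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Security;

public static class CallerCheck
{
    // Placeholder value: the public key token of the only signer allowed to call in.
    // Read the real token from the trusted assembly with "sn -T <assembly>".
    private static readonly byte[] ExpectedToken =
        { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };

    // NoInlining keeps this method's own frame on the stack, so skipping
    // one frame below reliably starts the walk at our direct caller.
    [MethodImpl(MethodImplOptions.NoInlining)]
    public static void DemandExpectedCaller()
    {
        Assembly self = typeof(CallerCheck).Assembly;
        StackFrame[] frames = new StackTrace(1, false).GetFrames() ?? new StackFrame[0];

        foreach (StackFrame frame in frames)
        {
            MethodBase method = frame.GetMethod();
            Type type = method == null ? null : method.DeclaringType;

            // Fail closed: a frame with no declaring type (for example a
            // dynamic method) cannot be attributed to a signed assembly.
            if (type == null)
                throw new SecurityException("Caller could not be identified.");

            Assembly caller = type.Assembly;
            if (caller == self)
                continue; // still inside this library, keep walking outward

            // Unsigned assemblies return an empty (or null) token.
            byte[] token = caller.GetName().GetPublicKeyToken() ?? new byte[0];
            if (!token.SequenceEqual(ExpectedToken))
                throw new SecurityException(
                    "Caller " + caller.GetName().Name + " is not signed with the expected key.");

            return; // the first frame outside the library decides
        }

        throw new SecurityException("No external caller found on the stack.");
    }
}
```

Call `CallerCheck.DemandExpectedCaller()` at the top of each public entry point that should be restricted; unlike the declarative demand, it runs regardless of the caller's trust level.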
 
