Caspol

  • Thread starter Thread starter Deepak
  • Start date Start date
D

Deepak

I have to show a Windows Form user control in a web page using the
object tag.
Now i have configure the security configuration on the client side
using Caspol.exe. Now i need to give all the assemblies downloaded
from the url "http://myserver" certain security permissions.

how do i do tht without asking the client to do it?

Any help would be appreciated.

Regards
Deepak
 
I have to show a Windows Form user control in a web page using the
object tag.
Now i have configure the security configuration on the client side
using Caspol.exe. Now i need to give all the assemblies downloaded
from the url "http://myserver" certain security permissions.

how do i do tht without asking the client to do it?

Any help would be appreciated.

Regards
Deepak
how do i do tht without asking the client to do it?

You don't. That's the idea. Your client has to take an
explicit action to indicate to what degree content from your
site is to be trusted.

In an enterprise environment you would use your deployment
infrastructure to deploy the necessary code group and
permission set to all the necessary machines in the
enterprise.

In your case you could send a .bat file with caspol commands
to the client and ask them to run it.

However beware that a URL membership condition (by itself)
makes you responsible for keeping that site secure;
otherwise an attacker can invade your site or even take your
site down (setting up a rogue server to impersonate your
site) and then load malicious code on the client to run with
your custom (and possibly dangerous) permission set.
 
Hi,

Thanks for the reply. I need to clarify one more thing. Can I give my
code full permission programmatically?

How do i do tht?

Regards
Deepak
 
Code can't give itself more permissions than it deserves (as prescribed by
the CLR and policy).

Christian
 
Back
Top