Running application in local intranet

  • Thread starter Thread starter bjarne
  • Start date Start date
B

bjarne

I´ve made a desktop application in C# (.NET 1.1) and now I would like
it to run in a local intranet. I know that I can change the .NET
configuration on each client and give the specific application
FULL_TRUST permission on the machine ... but isn´t there an easier way
??

Each assembly in the application is strong named, and I seem to
remember that this should make it possible to have .NET prompt each
user for FULL_TRUST permission when the application is initially
launch. This would remove the need for changing the .NET configuration
on each machine and make my life much easier :-)

Is this possible or is my memory playing me for a fool :-)

Regards
Bjarne
 
Hello Bjarne,

What you can possibly do is to create a code group for your application on
the enterprise security policy level and designate the "FullTrust"
permission set for said code group. The strong name of the application's
assembly can serve as the evidence for the code group membership condition.

I´ve made a desktop application in C# (.NET 1.1) and now I would like
it to run in a local intranet. I know that I can change the .NET
configuration on each client and give the specific application
FULL_TRUST permission on the machine ... but isn´t there an easier way
??

Each assembly in the application is strong named, and I seem to
remember that this should make it possible to have .NET prompt each
user for FULL_TRUST permission when the application is initially
launch. This would remove the need for changing the .NET configuration
on each machine and make my life much easier :-)

Is this possible or is my memory playing me for a fool :-)

Regards
Bjarne
 
or, if you plan to deploy several applications which will have of course different
strong names, you could set up the policy level using the Publisher's signing
certificate (which generates an Authenticode signature on the assembly) as
evidence. This would then apply to ANY assembly signed by the (presumably
enterprise-trusted) certificate with its associated fingerprint.
- Mitch Gallant
MVP Security
 
As an addition to this, I am trying to do a very similar thing, however
after adding a code group with the strong name for the dll as evidence,
it still does not work. The only time it works is if I set ALL CODE to
FULL TRUST. Any clues?

Thanks
 
Back
Top