Running application in local intranet

[bjarne]

I´ve made a desktop application in C# (.NET 1.1) and now I would like
it to run in a local intranet. I know that I can change the .NET
configuration on each client and give the specific application
FULL_TRUST permission on the machine ... but isn´t there an easier way
??

Each assembly in the application is strong named, and I seem to
remember that this should make it possible to have .NET prompt each
user for FULL_TRUST permission when the application is initially
launch. This would remove the need for changing the .NET configuration
on each machine and make my life much easier

Is this possible or is my memory playing me for a fool

Regards
Bjarne

 

[Dmytro Lapshyn [MVP]]

Hello Bjarne,

What you can possibly do is to create a code group for your application on
the enterprise security policy level and designate the "FullTrust"
permission set for said code group. The strong name of the application's
assembly can serve as the evidence for the code group membership condition.

I´ve made a desktop application in C# (.NET 1.1) and now I would like
it to run in a local intranet. I know that I can change the .NET
configuration on each client and give the specific application
FULL_TRUST permission on the machine ... but isn´t there an easier way
??

Each assembly in the application is strong named, and I seem to
remember that this should make it possible to have .NET prompt each
user for FULL_TRUST permission when the application is initially
launch. This would remove the need for changing the .NET configuration
on each machine and make my life much easier

Is this possible or is my memory playing me for a fool

Regards
Bjarne

 

[Mitch Gallant]

or, if you plan to deploy several applications which will have of course different
strong names, you could set up the policy level using the Publisher's signing
certificate (which generates an Authenticode signature on the assembly) as
evidence. This would then apply to ANY assembly signed by the (presumably
enterprise-trusted) certificate with its associated fingerprint.
- Mitch Gallant
MVP Security

 

[Bjarne Riis]

Hello Dmytro

With the risk of sounding stupid ... how do I do that ?

 

[adrian.snell]

As an addition to this, I am trying to do a very similar thing, however
after adding a code group with the strong name for the dll as evidence,
it still does not work. The only time it works is if I set ALL CODE to
FULL TRUST. Any clues?

Thanks

 

[Dmytro Lapshyn [MVP]]

Hello Bjarne,

These links should be a good start.

http://www.15seconds.com/issue/040121.htm
http://msdn2.microsoft.com/en-us/library/w0fa60b5.aspx