Stacy Goode

Stacy Goode

  • NA
  • 1
  • 0

Security Code Snafu

Feb 2 2010 5:18 PM
CodeAccessPermission fiop = new FileIOPermission(PermissionState.Unrestricted);
CodeAccessPermission ep = new EnvironmentPermission
    (EnvironmentPermissionAccess.Read, "USERNAME"));
CodeAccessPermission fdp = new FileDialogPermission(FileDialogPermissionAccess.Open));
CodeAccessPermission isfp = new IsolatedStorageFilePermission(PermissionState.Unrestricted));
CodeAccessPermission rp = new ReflectionPermission(ReflectionPermissionFlag.MemberAccess));
CodeAccessPermission uip = new UIPermission(UIPermissionWindow.SafeTopLevelWindows));
CodeAccessPermission pp = new PrintingPermission(PrintingPermissionLevel.SafePrinting));
Console.WriteLine(fiop.GetType().ToString() + ": " + SecurityManager.IsGranted(fiop));
Console.WriteLine(ep.GetType().ToString() + ": " + SecurityManager.IsGranted(ep));
Console.WriteLine(fdp.GetType().ToString() + ": " + SecurityManager.IsGranted(fdp));
Console.WriteLine(isfp.GetType().ToString() + ": " + SecurityManager.IsGranted(isfp));
Console.WriteLine(rp.GetType().ToString() + ": " + SecurityManager.IsGranted(rp));
Console.WriteLine(uip.GetType().ToString() + ": " + SecurityManager.IsGranted(uip));
Console.WriteLine(pp.GetType().ToString() + ": " + SecurityManager.IsGranted(pp));

 
If the above code is ran from a command prompt from C:\ and with administrator privileges, it produces 'true' to all permissions (C:\Permissions.exe) since My_Computer_Zone (C:\) has the Full Trust permission set.
If the above code is ran from a command prompt through a loopback with administrator privileges, it should NOT produce 'true' for several permissions (\\127.0.0.1\C$\Permissions.exe). Permissions.exe is now running from a shared folder and hence under the Internet Zone. Specifically IsolatedStorageFilePermission. Yet in my case it does!
.NET Configuration Tool shows everything as normal. Zones and their respective trusts are as follows. My Computer: Full Trust; Local Intranet: Medium Trust; Internet: Low Trust; Trusted Sites: Low Trust; Untrusted Sites: No Trust.
Runtime Security Policy –> Machine –> Code Groups –> All_Code –> Internet_Zone –> Internet_Same_Site_Access also reset to normal settings.
I'm baffled! Any help is welcomed.
* Code, although modified, is courtesy of Tony Northrup's book "Microsoft .NET Framework – Application Development Foundation".