.Net Framework, How to controll security level for trusted sites, on dot.net rollo

microsoft.public.dotnet.framework - Microsoft .NET technology


.Net Framework >> How to controll security level for trusted sites, on dot.net rollo

by RGFubnkgSGlsbGU » Tue, 24 Aug 2004 15:41:01 GMT

Hi We are roling the dotnet framework 1.1 out on some windows clients (a mix
of 2000 and xp clients)
after install of .NET framework we set the trusted zones in IE (no problems
simple reg setting).
And then we want to set teh security level for the .NET framework for
trusted sites... But this is not a reg setting, where is it set? and how? Is
it in machine.config?

Any Articles out there describing this issue, or any help would be
appreciated.

Thanks in advance
Danny Hille
Top
Similar Threads

1. Security/Trust Level on Web Application - Asp.Net

2. Security, Trust Level in Web.Config

3. EnterpriseLibrary.Security and medium trust level - ASP.NET Security

4. Security Exception due to Medium trust level

5. Build Error while debugging ASP.NET 2.0 Web services on IIS due to Trust Level - Asp.Net Web Service

6. ASP.NET 1.1 app breaks when moved to shared webhosting with medium trust level 

Hi, how do you allow strongly type cast parameters to be passed to C#
functions that use weakly type cast parameters while running under the
"Medium" Trust Level security policy shipped with the ASP.NET 1.1
framework?

I've written a general error reporting routine that formats and returns

error messages for various exceptions.  The routine accepts a
System.Object which it then typecasts into the correct exception object

using the object's name property.


When I run this under the "Full" Trust Level security policy, the
routine works and no errors are reported.


When I run this under the "Medium" Trust Level security policy on our
shared webhosting provider, the routine fails to compile because the
.NET code verifier flags all the calls to this error routine as
"unsafe", because the data types of the expected and passed parameters
do not match.


The actual error reported is "System.Security.VerificationException:
Operation could destabilize the runtime".  The problem line in the
stack trace points to the function definition line for rptError that
contains the expected System.Object parameter.


The shared webhosting provider has not modified the "Medium" Trust
Level security policy, and has used it "as-is" from the .NET 1.1
framework.


Sample code of the call and function appears below:


try{


        ... arbitrary code that may throw an exception ...



}catch (Exception e){


        result = rptError((System.Object) e);


}


public System.String rptError(System.Object objError)
{
        string result="";
        switch(objError.GetType().Name)
        {
                case "Exception":
                        Exception e=(FormatException)objError;
                        result = "exception: " + Environment.NewLine +
                                  e.Message + Environment.NewLine +
                                  e.Source + Environment.NewLine +
                                  e.StackTrace;
                        break;
        }
        return(result);


} 


Can anyone see what is going wrong here? 

Andy

7. big problem with asp.net application trust level on new server - Asp.Net

8. Adjusting client's .net trust level 

Hi,

I want my aspx page to prompt the client to change his trust level for .net
code to be FullTrust on Intranet (Instead of the client doing it manually
through: Admin tools -> .net wizard)

How can I do that??

Thanks, Hagay.