13.6 View the Permission Requests Made by an Assembly


13.6 View the Permission Requests Made by an Assembly

Problem

You need to view the declarative permission requests and refusals made within an assembly to correctly configure security policy or understand the limitations of a library you intend to call from your code.

Solution

Use the Permissions View tool ( Permview .exe) that is supplied with the .NET Framework SDK.

Discussion

To configure security policy correctly, you need to know the code access permission requirements of the assemblies you intend to run. This is true of both executable assemblies and libraries that you access from your own applications. With libraries, it's also important to know which permissions the assembly refuses so that you don't try to use the library to perform a restricted action, which would result in a System.Security.SecurityException .

The Permview.exe utility provides a simple mechanism through which you can view the declarative permission requests made within an assembly ” this includes minimum, optional, and refusal requests. The following code shows a class that declares a minimum, optional, and refusal request:

 using System.Net; using System.Security.Permissions; // Minimum permission request for SocketPermission. [assembly:SocketPermission(SecurityAction.RequestMinimum,      Unrestricted = true)] // Optional permission request for SecurityPermission. [assembly:SecurityPermission(SecurityAction.RequestOptional,     Unrestricted = true)] // Refuse request for FileIOPermission. [assembly:SecurityPermission(SecurityAction.RequestRefuse,      Unrestricted = true)] public class PermissionViewExample {     public static void Main() {            // Do something...     } } 

Executing the command permview PermissionViewExample.exe will generate the following output. Although not particularly user friendly, you can decipher the ou t put to determine the permission requests made by an assembly. Each of the three types of permission request ”minimum, optional, and refused ”is listed under a separate heading and is structured as the XML representation of a System.Security.PermissionSet object.

 Microsoft (R) .NET Framework Permission Request Viewer.   Version 1.1.4322.510 Copyright (C) Microsoft Corporation 1998-2002. All rights reserved. minimal permission set: <PermissionSet class="System.Security.PermissionSet" version="1">   <IPermission class="System.Net.SocketPermission, System, Version=1. 0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version=" 1" Unrestricted="true"/> </PermissionSet> optional permission set: <PermissionSet class="System.Security.PermissionSet" version="1">   <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c5 61934e089" version="1" Unrestricted="true"/> </PermissionSet> refused permission set: <PermissionSet class="System.Security.PermissionSet" version="1">   <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c5 61934e089" version="1" Unrestricted="true"/> </PermissionSet> 
Tip  

By specifying the /decl switch when running the Permview.exe utility, you can view all of the declarative security statements contained in an assembly, including declarative demands and asserts. This can give a good insight into what the assembly is trying to do and allow you to configure security policy appropriately. However, be aware that Permview.exe doesn't show the imperative security operations contained within the assembly. There is currently no way to extract and summarize the imperative security operations executed within an assembly.




C# Programmer[ap]s Cookbook
C# Programmer[ap]s Cookbook
ISBN: 735619301
EAN: N/A
Year: 2006
Pages: 266

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net