Step 17. Code Access Security


Machine-level code access security policy is determined by settings in the Security.config file located in the following directory: %windir%\Microsoft.NET\Framework\{version}\CONFIG

Run the following command to be sure that code access security is enabled on your server:

caspol -s On

For more information about configuring code access security for ASP.NET Web applications, see Chapter 9, "Using Code Access Security with ASP.NET."

During this step, you:

  • Remove all permissions for the local intranet zone.

  • Remove all permissions for the Internet zone.

Remove All Permissions for the Local Intranet Zone

The local intranet zone applies permissions to code running from UNC shares or internal Web sites. Reconfigure this zone to grant no permissions by associating it with the Nothing permission set.

Task: To remove all permissions for the local intranet zone

  1. Start the Microsoft .NET Framework version 1.1 Configuration tool from the Administrative Tools program group.

  2. Expand Runtime Security Policy, expand Machine, and then expand Code Groups.

  3. Expand All_Code and then select LocalIntranet_Zone.

  4. Click Edit Code Group Properties.

  5. Click the Permission Set tab.

  6. Select Nothing from the drop-down Permission list.

  7. Click OK.

    The dialog box shown in Figure 16.6 is displayed.

    Figure 16.6: Setting LocalIntranet_Zone code permissions to Nothing

Remove All Permissions for the Internet Zone

The Internet zone applies code access permissions to code downloaded over the Internet. On Web servers, this zone should be reconfigured to grant no permissions by associating it with the Nothing permission set.

Repeat the steps shown in the preceding section, "Remove All Permissions for the Local Intranet Zone," except set the Internet_Zone to the Nothing permission set.
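To confirm that both zones ended up on the Nothing permission set, the machine policy in Security.config can be audited offline. The following Python script is an added example, not part of the original guide; the sample policy is constructed, and the CodeGroup element with its Name and PermissionSetName attributes is an assumption about the file layout that should be checked against your own Security.config.

```python
import xml.etree.ElementTree as ET

# Zones this step requires to be associated with the Nothing permission set.
REQUIRED = {"LocalIntranet_Zone": "Nothing", "Internet_Zone": "Nothing"}

# Constructed sample: a trimmed machine policy in which only the local
# intranet zone has been reconfigured. Element/attribute names are assumed.
SAMPLE = """<configuration><mscorlib><security><policy>
<PolicyLevel version="1">
 <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="Nothing" Name="All_Code">
  <IMembershipCondition class="AllMembershipCondition" version="1"/>
  <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="FullTrust" Name="My_Computer_Zone">
   <IMembershipCondition class="ZoneMembershipCondition" version="1" Zone="MyComputer"/>
  </CodeGroup>
  <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="Nothing" Name="LocalIntranet_Zone">
   <IMembershipCondition class="ZoneMembershipCondition" version="1" Zone="Intranet"/>
  </CodeGroup>
  <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="Internet" Name="Internet_Zone">
   <IMembershipCondition class="ZoneMembershipCondition" version="1" Zone="Internet"/>
  </CodeGroup>
 </CodeGroup>
</PolicyLevel></policy></security></mscorlib></configuration>"""


def zone_permission_sets(config_xml):
    """Map each code group directly under All_Code to its permission set."""
    root = ET.fromstring(config_xml)
    for group in root.iter("CodeGroup"):
        if group.get("Name") == "All_Code":
            return {child.get("Name"): child.get("PermissionSetName")
                    for child in group.findall("CodeGroup")}
    return {}


def audit(config_xml):
    """Return (zone, actual, expected) for every zone that is not locked down.

    A zone missing from the policy is reported with actual=None rather than
    being silently treated as compliant.
    """
    actual = zone_permission_sets(config_xml)
    return [(zone, actual.get(zone), expected)
            for zone, expected in sorted(REQUIRED.items())
            if actual.get(zone) != expected]


if __name__ == "__main__":
    for zone, got, want in audit(SAMPLE):
        print(f"{zone}: permission set is {got!r}, expected {want!r}")
```

To check a real server, pass the text of the Security.config file from the directory named at the start of this step to audit() in place of SAMPLE.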




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
Year: 2003
Pages: 613
