none
FileIOPermission in WinControl hosted in IE RRS feed

  • Question

  • Hello
    I have a WinControl that will be hosted in IE. When I change the security configration every thing is fine but I can not change my clients' security configuration then I have to give the permission to my code. The server will be in their side then it will be in the intranet zone.
    For test I created a sample WinControl with three button on it: "MakeFile", "FileDialog" and "WebService".
    In my "WebService" button click I have this code:
    new SecurityPermission(SecurityPermissionFlag.AllFlags).Assert();
    MyWebService ws = new MyWebService();
    string result = ws.CheckWebService();
    MessageBox.Show(result);
    CodeAccessPermission.RevertAssert();
    and it works fine.
    But in "FileDialog" I have these codes:
    if (saveFileDialog.ShowDialog() == DialogResult.OK)
    {
        new FileIOPermission(PermissionState.Unrestricted).Assert();
        MessageBox.Show("Your file will be saved in " + saveFileDialog.FileName);
    }
    CodeAccessPermission.RevertAssert();
    and I am getting this exception after selecting file in dialog from FileName property.
    System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
    In the "MakeFile" I am getting the same exception as "FileDialog". My code is:
    new FileIOPermission(PermissionState.Unrestricted).Assert();
    StreamWriter sw = File.CreateText("C:\\Test.Txt");
    sw.WriteLine(
    "Hello");
    sw.Close();
    CodeAccessPermission.RevertAssert();
    MessageBox.Show("Test.Txt has been created");
    Also I have these in my Web.Config
    <system.web>
        <
    trust level="Full" originUrl="" />
    </
    system.web>

    Thanks in advance

    Thursday, June 26, 2008 12:02 AM

All replies

  • There's no way around this. You must change something on the client's desktop because the client desktop must 'clear' the operation to proceed. You either create a security policy and deploy it to the client's machine or add the client's web page to the trusted computer zone and use javascript to update the security policy on the client's machine. Here's a link on security policy distribution at the enterprise level: http://support.microsoft.com/kb/555688
    Sunday, November 16, 2008 2:03 AM
  • Try OpenFileDialog.OpenFile(). I'm not sure if it works in IE, but it has a greatly reduced permission requirement (the argument being that the user must select the file that you will read or write, so they're giving implicit permission). Untrusted apps can do it. I'm not sure if IE plugins can.





    Sunday, November 16, 2008 6:40 AM
  • Hi Vapordan
    For using this solution my clients needs to install policy MSI package on their machine. What kind of permission the end users needs to have to install this package?
    Mohsen
    Sunday, November 16, 2008 12:42 PM
  • They will need whatever permissions that is required. You figure out the permissions by using a clean machine and configuring CAS policy until the control works. Then you create a deployment package from that CAS policy and distribute it to your clients.

    Vapordan
    [Shameless Author plug]
    The O.W.C. Black Book, 2nd Edition
    Exclusively on www.lulu.com/owc $19.99
    -------------------------------------------------------
    Tuesday, December 16, 2008 2:54 PM