
Thread: Medium trust Level




Medium trust Level
user name
2007-01-06 15:03:16
On 1/6/07, Craig Andera <canderawangdera.com> wrote:
> > The certificate is required if the FlexWiki project was to distribute
> > assemblies with Strong Names, rather than the local installer
> > recompiling with self-generated keys to support Strong Naming. You
> > actually never considered it possible to distribute FlexWiki with Strong
> > Named assemblies and automatic installation into the GAC using an
> > installer (it is possible).
>
> Please educate me: nothing I know about strong names requires a certificate.
> Other projects simply distribute with the source drop the key pair that the
> assemblies are signed with. That way anyone can recompile to the same
> binaries. We don't care about tamper detection (which is a lame feature,
> anyway, IMO), so there's no problem with distributing the key pair. No
> certificate required.
>
> I'm not sure I follow what you're saying about automatic GAC installation.
> Our goal has always been to support xcopy deployment, so we'd rather steer
> clear of using an installer, which sort of rules out the GAC. In any event,
> I'm not sure I understand why the GAC is necessary - aren't unsigned
> assemblies on the local hard drive granted full trust? I would think
> they'd have to be - the assemblies generated by ASP.NET from your pages
> don't wind up in the GAC, after all.

A certificate is only necessary if you wanted to use the new
deployment options in v2.0 that are meant to replace the xcopy
deployment. If you use xcopy and there is a local compile then a key
pair distribution as you describe works okay.

Because FlexWiki has been running in Full Trust mode most of the .Net
security model has been ignored. Full Trust is a special mode that
says the site is managing security in a model outside of .Net. Once
you start running at any level other than Full Trust then .Net is
responsible for at least part of the security model and becomes
significantly more difficult to configure and use in order to achieve
the security objectives. If an assembly is not in the GAC and you are
not using Full Trust then it only has MyComputer Zone permission,
meaning that it is only trusted for individuals directly on the
server, not those accessing the assembly from an external source.

> > > > Finally Medium Trust will probably have difficulty operating with
> > > > any Membership conditions.
> > >
> > > I'm curious why you say that.
> >
> > The default Medium Trust precludes access to the PrincipalPermission
> > which is required for use by Membership providers. I have attached a
> > complete permission set analysis for ASP.NET v1.1 (and noted the
> > differences in V2.0 - that essentially enable Oracle to be used at
> > Medium Trust as well as SQL Server).
>
> Fair enough. If we do ever get FlexWiki to run at Medium, then I think it's
> reasonable to say that certain features don't work...like membership.
> There's only so much we can do.
>
> > I really believe that FlexWiki could be run under limited conditions
> > using Medium Trust, but it is going to be very difficult for anyone to
> > configure it in a Medium Trust environment on an ISP Hosted environment.
> > One limitation that would be imposed by Medium Trust is that the
> > UIPermission is not enabled meaning that file uploads would not be
> > possible - this could be corrected by modifying the Medium Trust policy
> > file but that means having control of the server.
>
> Why is UIPermission required for uploads? Medium trust is on the server, but
> any UI popup happens on the browser...
>

An upload can be achieved by the user typing in the local file name,
but the code going out from the server will fail if it includes a call
to any UI element such as a file dialog - I guess this was done, even
at the client end, because of the security objectives (why questions,
though permitted, are never really satisfying, better to ask with what
consequence or what were the motivations that gave this result and was
this what was really intended - you need to ask within Microsoft .Net
security).

Medium trust Level
user name
2007-01-08 00:12:34
> A certificate is only necessary if you wanted to use the new
> deployment options in v2.0 that are meant to replace the xcopy
> deployment. If you use xcopy and there is a local compile then a key
> pair distribution as you describe works okay.
>
> Because FlexWiki has been running in Full Trust mode most of the .Net
> security model has been ignored. Full Trust is a special mode that
> says the site is managing security in a model outside of .Net. Once
> you start running at any level other than Full Trust then .Net is
> responsible for at least part of the security model and becomes
> significantly more difficult to configure and use in order to achieve
> the security objectives. If an assembly is not in the GAC and you are
> not using Full Trust then it only has MyComputer Zone permission,
> meaning that it is only trusted for individuals directly on the
> server, not those accessing the assembly from an external source.

Aaaahh! OK, I have been schooled.  

So, this will all be really good information when (if) it comes time to try
to make FlexWiki run at Medium Trust. First stop: making it run at all.
 
Thanks for taking the time to explain! 


