来自网络共享的.Net 2.0应用程序，无需FullTrust [英] .Net 2.0 application from network share without FullTrust

问题描述

我试图从网络共享中运行.Net 2.0应用程序，而不使用FullTrust权限集。我想创建一个仅具有我的程序集所需权限的新权限集，然后将其分配给共享路径上的exe。是否有可能做到这一点？
从我有限的实验中，我发现没有FullTrust，我无法通过网络共享来运行任何应用程序。我尝试创建一个新的烫发集，也尝试了所有烫发集和其他烫发集，但似乎都没有用。有人对此有任何经验吗？

I am trying to run a .Net 2.0 application from a network share without using the FullTrust permission set. I want to create a new permission set that has just the permissions my assemblies require, and then assign that to the exe on the shared path. Is it possible to do this? From my limited experiments, I find that I am unable to do get any application working from a network share without FullTrust. I tried creating a new perm set, and also tried the Everything and other perm sets, but none seem to work. Has anyone had any experience with this?

推荐答案

您需要使用强名对程序集进行签名，然后设置cas-policy

You need to sign your assemblies with a strong name and then set the cas-policy for your strong-name to full trust.

为使用您的强名签名的所有代码设置FullTrust的最简单方法是：

The easiest way for setting up FullTrust to all code signed with your strong-name is:

caspol.exe -q -m -ag MyZone -strong -hex [HexCodeOfYourStrongName] -noname -noversion FullTrust -name MyCode -description "Code trust for my code"';

如果将代码拆分为多个程序集，则需要使用该强名称对每个程序集进行签名。您可能需要使用链接需求设置 SecurityPermission 属性，以确保调用者的安全已被接管。

If your code is split up to multiple assemblies you need every assembly to be signed with that strong name. You may need to set the SecurityPermission-Attribute with a link demand, that the security of the caller taken over.

[SecurityPermission(SecurityAction.LinkDemand, Flags = SecurityPermissionFlag.ControlPrincipal)]

这篇关于来自网络共享的.Net 2.0应用程序，无需FullTrust的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！