Fog Creek Software
Discussion Board




Welcome! and rules

Joel on Software

.NET Framework permissions.

Hi.

We developed a C# application that works perfectly on or network.

When the client deployed the application on it's network problems started to crop up on restricted user accounts (Core assemblies couldn't load because the neede privileges weren't granted).

What are the minimum privileges needed to run Windows.Form applications?

Thanks

anony mouse
Thursday, July 01, 2004

I’m also interested in this topic.  We’re supporting a VB6/COM app with a critical customer that is unusually tight with their network security.  What’s worse is that this app is a kiosk-type program that runs unattended.  The client’s network admins have the user accounts the app uses locked down even tighter because there isn’t a single person to be held responsible.

Needless to say this scenario has generated too many support calls.  In the follow-on (VB.NET WinForms) I’d love to be able to check the permissions for the user account at startup and alert the user if the app won’t function properly.

To clarify, I’m interested in user permissions and not permissions for the assembly.

Thanks.

Joe Paradise
Thursday, July 01, 2004

It 100% depends on what the application is trying to do, and what the ACLs on the resources are.

Greg Hurlman
Friday, July 02, 2004

Go to Administrative Tools, Runtime Security Policy. Under there you'll see three items: Enterprise, Machine, and User. Under each of these are permission sets for "Local Intranet", which is likely to be the permission group your code is running with, if the executable files are being accessed from a network share.

It's possible that, somewhere along the way, your boxes got the sandbox turned off, but your customers don't.

Brad Wilson (dotnetguy.techieswithcats.com)
Friday, July 02, 2004

Oh, and the difference between "Local Intranet" and "Internet" is generally where the hostname that's being used to access the code is a local hostname (i.e., "FRED") or an Internet hostname (i.e., "FRED.FOO.COM").

Brad Wilson (dotnetguy.techieswithcats.com)
Friday, July 02, 2004

*  Recent Topics

*  Fog Creek Home