Code Access Security with Microsoft .NET Framework

  • February 17, 2005
  • By Mark Strawmyer

Step 4: Try to Read a File

  1. Add a button to the Windows Form in your sample project.
  2. Add the following code to the button's click event:

      // Requires: using System.IO; using System.Security;
      // using System.Windows.Forms;
      try
      {
         Form1.SplitFileByLine(@"c:\helloworld.txt");
         MessageBox.Show("Able to read", "Read OK");
      }
      catch( SecurityException securityEx )
      {
         // Thrown when code access security policy denies the read
         MessageBox.Show( securityEx.Message, "Security Exception" );
      }
      catch( IOException fileException )
      {
         MessageBox.Show( fileException.Message, "IO Exception" );
      }

  3. Also, add the following additional code to handle the file reading (I'm all about reuse, so I pulled it from one of my prior articles on Parsing Data Files):

      /// <summary>
      /// Read the contents of the file and return an array of lines
      /// </summary>
      /// <param name="FileName">Location of the file.</param>
      public static string[] SplitFileByLine(string FileName)
      {
         StreamReader fileReader = null;
         try
         {
            // Read the contents of the entire file
            fileReader = new StreamReader(FileName);
            System.Text.StringBuilder fileContents =
               new System.Text.StringBuilder();
            char[] buffer = new char[32768];
            int charsRead;
            while( (charsRead = fileReader.ReadBlock(buffer, 0,
                                                     buffer.Length)) > 0 )
            {
               // Append only the characters actually read, so the last
               // (partial) block does not add trailing null characters
               fileContents.Append(buffer, 0, charsRead);
            }

            // Separate the contents of the file into lines
            fileContents = fileContents.Replace("\r\n", "\n");
            return fileContents.ToString().Split('\n');
         }
         finally
         {
            if( fileReader != null )
            {
               fileReader.Close();
            }
         }
      }

  4. Compile and run the program. You should see a dialog similar to Figure 7, which tells you that your assembly was evaluated and the evidence presented put you into a restricted group. As a result, not everything you try to do will be allowed.

    Figure 7. The Evidence Presented Put You into a Restricted Group

  5. Click the button you added to your form.
  6. You should see a message box that displays information on the SecurityException that was generated (see Figure 8).

    Figure 8. Information on the Generated SecurityException

Step 5: Grant Access to Read a File

  1. Go back to the .NET Configuration 1.1 tool.
  2. Go into the Runtime Security Policy, Machine, Permission Sets, and right-click on the CodeGuruSamplePermission set created earlier. Select the Change Permissions... option.
  3. Under the Available Permissions list, select the File IO list item and press the Add >> button.
  4. Complete the Permission Settings (similar to the dialog in Figure 9), or just select the unrestricted access option. (I chose the most restrictive option, which is generally a good idea from a security perspective.)

    Figure 9. Permission Settings to Grant Access to Read a File

  5. Click the OK button, followed by the Finish button.
  6. If you execute your project again, you should ultimately receive a message box indicating that the program was able to read the file, assuming the file exists and is in a location where you have read permissions. Recall that the evidence-based security works on top of Win32 security, so if the operating system isn't granting you permissions to read the file, you're still not going to be able to read the file.
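
The last step notes that evidence-based security sits on top of Win32 security. The following added example (not from the original article; ReadAccessProbe and Diagnose are hypothetical names, and it assumes a .NET Framework runtime that enforces CAS policy) reports which of the two layers refused the read:

```csharp
// Added example, not from the original article. Assumes .NET Framework
// with CAS policy enforced, as in the article's walkthrough.
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

public class ReadAccessProbe   // hypothetical helper, not part of the sample project
{
    // Reports which security layer allowed or blocked a read of 'path'.
    // 'path' must be absolute; FileIOPermission rejects relative paths.
    public static string Diagnose(string path)
    {
        try
        {
            // Layer 1: code access security. Demand() walks the call stack and
            // throws SecurityException if any caller lacks read access to the path.
            new FileIOPermission(FileIOPermissionAccess.Read, path).Demand();
        }
        catch (SecurityException ex)
        {
            return "Denied by CAS policy (" + ex.PermissionType + "): " + ex.Message;
        }

        try
        {
            // Layer 2: the operating system. Opening the file triggers the ACL check.
            using (FileStream stream = File.OpenRead(path))
            {
                return "Read allowed by CAS policy and by Win32 security ("
                    + stream.Length + " bytes)";
            }
        }
        catch (UnauthorizedAccessException ex)
        {
            // Not derived from IOException, so a handler that catches only
            // SecurityException and IOException lets this one escape.
            return "Allowed by CAS, denied by Win32 security: " + ex.Message;
        }
        catch (IOException ex)
        {
            return "Allowed by CAS, I/O failure (missing or locked file): " + ex.Message;
        }
    }

    public static void Main(string[] args)
    {
        Console.WriteLine(Diagnose(args.Length > 0 ? args[0] : @"c:\helloworld.txt"));
    }
}
```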

Stay Tuned for Part 2

This lengthy example demonstrated how you could use the security policy to allow or deny actions to assemblies. The second part of this two-part series will explore the System.Security.Permissions namespace. It looks at imperative and declarative security checks and overriding security checks with the Assert() method.

About the Author

Mark Strawmyer, MCSD, MCSE, MCDBA is a Senior Architect of .NET applications for large and mid-size organizations. Mark is a technology leader with Crowe Chizek in Indianapolis, Indiana. He specializes in architecture, design, and development of Microsoft-based solutions. Mark was honored to be named a Microsoft MVP for application development with C# for the second year in a row. You can reach Mark at mstrawmyer@crowechizek.com.

Page 2 of 2
