CasPol security

TheMSsForum.com: The Microsoft Software Forum

Whats the danger in doing:

C:\...\caspol -enterprise -addfulltrust L:\foo.exe

foo is a local network (non-web based) application that
references internal databases and general web based
information sites.

Steve
Top

Re: CasPol security by Chris

Chris
Tue May 25 07:58:35 CDT 2004

The danger is that the application is being granted more rights than
necessary. If, somehow, the application were compromised through a stack
overrun or some other as yet undiscovered vulnerability, a hacker could do
damage to your system.

As a matter of policy applications should not run with privileges greater
than absolutely necessary. That is why the security model has changed and is
based on where the code came from rather than on who is logged in.

--

Chris Rolon

This posting is provided "AS IS" with no warranties, and confers no rights.

<anonymous@discussions.microsoft.com> wrote in message
news:11dba01c44251$77d1aa30$a301280a@phx.gbl...
> Whats the danger in doing:
>
> C:\...\caspol -enterprise -addfulltrust L:\foo.exe
>
> foo is a local network (non-web based) application that
> references internal databases and general web based
> information sites.
>
> Steve


Top

Re: CasPol security by Steve

Steve
Tue May 25 09:33:10 CDT 2004

Chris.

I agree with your comments and thus is my concern.
However, while knowing nothing about security, it seems
running the Framework wizard "trust assembly" requires
that application be given full trust.

How can I [begin] to lower the trust level of the
application?

Steve
>-----Original Message-----
>The danger is that the application is being granted more
rights than
>necessary. If, somehow, the application were compromised
through a stack
>overrun or some other as yet undiscovered vulnerability,
a hacker could do
>damage to your system.
>
>As a matter of policy applications should not run with
privileges greater
>than absolutely necessary. That is why the security model
has changed and is
>based on where the code came from rather than on who is
logged in.
>
>--
>
>Chris Rolon
>
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
><anonymous@discussions.microsoft.com> wrote in message
>news:11dba01c44251$77d1aa30$a301280a@phx.gbl...
>> Whats the danger in doing:
>>
>> C:\...\caspol -enterprise -addfulltrust L:\foo.exe
>>
>> foo is a local network (non-web based) application that
>> references internal databases and general web based
>> information sites.
>>
>> Steve
>
>
>.
>
Top

Re: CasPol security by Chris

Chris
Tue May 25 16:33:25 CDT 2004

You need to figure out the minimum permissions required. This is something
that you should have somewhat of a handle on.

For example, any I/O will require access to the file system. But, are do you
really need access to the file system or just Isolated Storage. these are
different. The application will normally already have access to Isolated
Storage.

Do you require access to the registry, environment variables, printing,
UI...?

These are all questions that must be answered and trust can be applied
accordingly.

If the assembly uses declarative security, use PermView to give you a list
of the required permissions. Otherwise, test the application with an account
that has no additional priviliges.

Chris Rolon


"Steve" <sbianco1@yahoo.com> wrote in message
news:11fad01c44265$33e60820$a601280a@phx.gbl...
> Chris.
>
> I agree with your comments and thus is my concern.
> However, while knowing nothing about security, it seems
> running the Framework wizard "trust assembly" requires
> that application be given full trust.
>
> How can I [begin] to lower the trust level of the
> application?
>
> Steve
> >-----Original Message-----
> >The danger is that the application is being granted more
> rights than
> >necessary. If, somehow, the application were compromised
> through a stack
> >overrun or some other as yet undiscovered vulnerability,
> a hacker could do
> >damage to your system.
> >
> >As a matter of policy applications should not run with
> privileges greater
> >than absolutely necessary. That is why the security model
> has changed and is
> >based on where the code came from rather than on who is
> logged in.
> >
> >--
> >
> >Chris Rolon
> >
> >This posting is provided "AS IS" with no warranties, and
> confers no rights.
> >
> ><anonymous@discussions.microsoft.com> wrote in message
> >news:11dba01c44251$77d1aa30$a301280a@phx.gbl...
> >> Whats the danger in doing:
> >>
> >> C:\...\caspol -enterprise -addfulltrust L:\foo.exe
> >>
> >> foo is a local network (non-web based) application that
> >> references internal databases and general web based
> >> information sites.
> >>
> >> Steve
> >
> >
> >.
> >


Top

Re: CasPol security by Chris

Chris
Tue May 25 18:24:44 CDT 2004

My humble opinion, I gave our whole server full trust on all desktops. It is
locally on the Intranet, any non-dotnet app on the server can be executed
from any desktop without a hoot in any case and I don't have time to try and
figure out what the minimum trust level per application should be.
This kind of issue is important when you use no-touch deployment over the
internet, as you are loading an app from a foreign server, not that I've
stumbled upon one on some Internet site yet, but just in case.

<anonymous@discussions.microsoft.com> wrote in message
news:11dba01c44251$77d1aa30$a301280a@phx.gbl...
> Whats the danger in doing:
>
> C:\...\caspol -enterprise -addfulltrust L:\foo.exe
>
> foo is a local network (non-web based) application that
> references internal databases and general web based
> information sites.
>
> Steve


Top