Hello all.
I am deploying a VB.NET Winforms app into a classified environment on winXP sp2. Regular users have reduced rights/privileges. This is non-negotiable.
The app runs as an admin or power user, but not as a "regular user". The app fails very early in the startup process. One wrinkle is that we are using Esri's ArcGIS binaries to do fancy maps.
is it permissions on the assembly ?
ArcGIS COM binaries ?
Registry access?
directory permissions (general) ?
directory permissions (CLR, JIT, GAC ...) ?
any thoughts ? As admin I can grant special privileges to resources.
First off are we talking about an ITAR classified environment? If it is, there is no way that we can legally give you any advice about your system. This is something that you are going to have to clear through your administrator.
As for your security questions, I feel very uncomfortable giving you any advice about what types of access you should grant to your registry and directories. A general rule of thumb when designing secure environments is that you want it to be as compartmentalized as possible. You will also need to be very clear about when you grant the write and when you grant the execute permissions. Your application will need dedicated directories, registry and memory footprints, and it should not be allowed to go beyond those boundaries.
Please let us know about the legal status of your environment and then others will be able to offer you more advice.