By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,582 Members | 1,720 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,582 IT Pros & Developers. It's quick & easy.

Local Machine policy exceptions

P: n/a
I am running an application that requires "Full Trust" which is declared in
the assembly.

How do I trap for the System.Security.Policy.PolicyException that is raised
by a local machines CAS if its current policy will not allow "Full Trust",
ie its running in the Intranet Zone.

I am trying to trap the error to advise users to have adm revise policy to
permit running the program otherwise a cryptic debug screen is raised.

Thanks

Mike

Feb 12 '06 #1
Share this Question
Share on Google+
6 Replies


P: n/a
"Michael" <mc********@houston.rr.com> wrote in message
news:8n******************@tornado.texas.rr.com...
I am running an application that requires "Full Trust" which is declared in
the assembly.

How do I trap for the System.Security.Policy.PolicyException that is
raised by a local machines CAS if its current policy will not allow "Full
Trust", ie its running in the Intranet Zone.

I am trying to trap the error to advise users to have adm revise policy to
permit running the program otherwise a cryptic debug screen is raised.

Thanks

Mike


A code snippet of the offending calls would be helpful. Have you tried:

Try
'instantiate full trust objects, invoke full trust methods,
' or access full trust properties
Catch (pe As System.Security.Policy.PolicyException)
Dim message As String = pe.Message
'or
Dim message As String = "Talk to your Admin."
Throw New Exception(message)
Finally
'if appropriate
fullTrustObjects.Dispose
End Try

Let me know how that works or if you need more help.

carl
Feb 13 '06 #2

P: n/a
Hi,

In the unlikely event that your question is not answered satisfactorily in
this group, there is another group you might try posting to -
"microsoft.public.dotnet.security."

Regards,

Cerebrus.

"Vagabond Software" <vagabondsw-X-@-X-gmail.com> wrote in message
news:Od**************@tk2msftngp13.phx.gbl...
"Michael" <mc********@houston.rr.com> wrote in message
news:8n******************@tornado.texas.rr.com...
I am running an application that requires "Full Trust" which is declared inthe assembly.

How do I trap for the System.Security.Policy.PolicyException that is
raised by a local machines CAS if its current policy will not allow "Full Trust", ie its running in the Intranet Zone.

I am trying to trap the error to advise users to have adm revise policy to permit running the program otherwise a cryptic debug screen is raised.

Thanks

Mike


A code snippet of the offending calls would be helpful. Have you tried:

Try
'instantiate full trust objects, invoke full trust methods,
' or access full trust properties
Catch (pe As System.Security.Policy.PolicyException)
Dim message As String = pe.Message
'or
Dim message As String = "Talk to your Admin."
Throw New Exception(message)
Finally
'if appropriate
fullTrustObjects.Dispose
End Try

Let me know how that works or if you need more help.

carl

Feb 13 '06 #3

P: n/a
Carl

Thanks for the reply

Following is a code snippet from my main sub. The policy ecxception error
which is picked up by the local machine arises at the first call to to get
system and environment information.

The CAS then throws up the debug screen locally before the "catch" can
activate

code follows:

Public Sub Main()
'
'Allow XP style Forms to be viewed on User screen
Application.EnableVisualStyles()
Application.DoEvents()
'
'Get the user and machine environment data
'
Try
Get_UserSystemInfo(USER_PROCESSOR_TYPE)
Get_UserEnvironment(USER_NAME, USER_OSVersion, USER_MACHINE_NAME)

Try
'Windows 2000, XP
Get_UserMemoryStatusEX(USER_SYSTEM_MEMORYEX,
USER_AVAILABLE_SYSTEM_MEMORYEX)

Catch ex As Exception
' Do Nothing if API call fails
End Try
'
Catch ex As System.Security.Policy.PolicyException
'
'if the user has installed the program on one computer within a network
'environment and attempts to run the program from a different machine
within
'the network then the system.permissions exception will be caught here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'

Catch ex As Exception
'
'if the user has installed the program on one computer within a network
'environment and attempts to run the program from a different machine
within
'the network then the system.permissions exception will be caught here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'
End Try

etc
etc

end sub

"Vagabond Software" wrote:
"Michael" <mc********@houston.rr.com> wrote in message
news:8n******************@tornado.texas.rr.com...
I am running an application that requires "Full Trust" which is declared in
the assembly.

How do I trap for the System.Security.Policy.PolicyException that is
raised by a local machines CAS if its current policy will not allow "Full
Trust", ie its running in the Intranet Zone.

I am trying to trap the error to advise users to have adm revise policy to
permit running the program otherwise a cryptic debug screen is raised.

Thanks

Mike


A code snippet of the offending calls would be helpful. Have you tried:

Try
'instantiate full trust objects, invoke full trust methods,
' or access full trust properties
Catch (pe As System.Security.Policy.PolicyException)
Dim message As String = pe.Message
'or
Dim message As String = "Talk to your Admin."
Throw New Exception(message)
Finally
'if appropriate
fullTrustObjects.Dispose
End Try

Let me know how that works or if you need more help.

carl

Feb 13 '06 #4

P: n/a
"Mike C" <Mi***@discussions.microsoft.com> wrote in message
news:22**********************************@microsof t.com...
Carl

Thanks for the reply

Following is a code snippet from my main sub. The policy ecxception error
which is picked up by the local machine arises at the first call to to
get
system and environment information.

The CAS then throws up the debug screen locally before the "catch" can
activate

code follows:

Public Sub Main()
'
'Allow XP style Forms to be viewed on User screen
Application.EnableVisualStyles()
Application.DoEvents()
'
'Get the user and machine environment data
'
Try
Get_UserSystemInfo(USER_PROCESSOR_TYPE)
Get_UserEnvironment(USER_NAME, USER_OSVersion, USER_MACHINE_NAME)

Try
'Windows 2000, XP
Get_UserMemoryStatusEX(USER_SYSTEM_MEMORYEX,
USER_AVAILABLE_SYSTEM_MEMORYEX)

Catch ex As Exception
' Do Nothing if API call fails
End Try
'
Catch ex As System.Security.Policy.PolicyException
'
'if the user has installed the program on one computer within a
network
'environment and attempts to run the program from a different machine
within
'the network then the system.permissions exception will be caught
here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'

Catch ex As Exception
'
'if the user has installed the program on one computer within a
network
'environment and attempts to run the program from a different machine
within
'the network then the system.permissions exception will be caught
here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'
End Try

etc
etc

end sub


Mike,

That code looks like it should be working. Are your Get methods making
calls into another assembly? Is your .NET security configured correctly for
that application?

http://www.code-magazine.com/article...0405031&page=1

carl
Feb 14 '06 #5

P: n/a
Carl

Once again thanks - working on this for several days and getting nowhere

Here's the info you asked for. Note that I included the both GET subs in
their entirety even though this program only extracts limited info needed.

Also note
a) if I set the local machine Intranet zone permissions to "Full Trust"
program works without generating a policy exception
b)if I create a new zone with "Full Trust" and import the program "key" the
program works without generating a policy exception

Assembly - Security and Signing Follows:

'Sign the Assembly
'strong name key [MyProgram.snk] created with sn.exe. Key must reside
'in the same folder as the Visual Studio Project.
<Assembly: AssemblyKeyFileAttribute("MyProgram.snk")>
'
'Deploy the Assembly requesting FullTrust Permissions
'<Assembly: PermissionSetAttribute(SecurityAction.RequestMinim um,
Name:="FullTrust")>

The two Get subs Follow:

1)Get System Info

'Use Windows API to get User System Memory Status
Public Declare Sub GetSystemInfo Lib "kernel32.dll" (ByRef lpSystemInfo As
SYSTEM_INFO)

Public Sub Get_UserSystemInfo(ByRef ProcessorType As String)

Dim SysInfo As SYSTEM_INFO
GetSystemInfo(SysInfo)

Dim UserProcessorType As String = SysInfo.dwProcessorType.ToString

ProcessorType = UserProcessorType

End Sub

2)Get User Environment

Public Sub Get_UserEnvironment(ByRef Name As String, ByRef OSversion As
String, ByRef MachineName As String)

'PROCESS
Dim UserProcess As Process = Process.GetCurrentProcess

Dim UserProgramName As String = UserProcess.ProcessName
Dim UserPagednoMem As Long = UserProcess.NonpagedSystemMemorySize
Dim UserPagedMem As Long = UserProcess.PagedMemorySize
Dim UserPagedpeakMem As Long = UserProcess.PeakPagedMemorySize
Dim UserPagedsysMem As Long = UserProcess.PagedSystemMemorySize
Dim UserPeakMem As Long = UserProcess.PeakWorkingSet
Dim UserPrivateMem As Long = UserProcess.PrivateMemorySize

'PROCESS MODULE
'The following retrieves the name of the Program
'base module and all dll's loaded with the process
'along with their physical size and other properties.
Dim UserProcessModule As ProcessModule
Dim UserProcessModuleCollection As ProcessModuleCollection =
UserProcess.Modules
'example - get memory used by loaded dll modules
'ModuleMemorySize does not include any additional
'memory allocations that the module makes once
'it is running; it includes only the size of the
'static code and data in the module file.
'The Base Module represents the static program code.
Dim i As Integer
Dim total As Integer
For i = 0 To UserProcessModuleCollection.Count - 1
UserProcessModule = UserProcessModuleCollection(i)
total = total + UserProcessModule.ModuleMemorySize
Next

'ENVIRONMENT
'Gets the amount of physical memory mapped to
'the process context.
Dim UserMemory As Long
UserMemory = Environment.WorkingSet

'Gets the NetBIOS name of this local computer.
Dim UserMachineName As String
UserMachineName = Environment.MachineName

'Gets an OperatingSystem object that contains the
'current platform identifier and version number.
Dim UserOSVersion As String
UserOSVersion = Environment.OSVersion.ToString

'Gets the fully qualified path of the system directory
Dim UserSysDirectory As String = Environment.SystemDirectory

'Gets the user name of the person who started the
'current thread
Dim UserName As String
UserName = Environment.UserName

'Returns an array of string containing the names of
'the logical drives on the current computer, i.e.,
'"A:\", "C:\" etc
Dim UserLogicalDrives As String()
UserLogicalDrives = Environment.GetLogicalDrives

'The system special folders are folders such as Program Files,
'Programs, System, or Startup, which contain common
'information. Special folders are set by default by the
'system, or explicitly by the user, when installing a version
'of Windows.
'The GetFolderPath method uses these enumerated constants
'to designate the special folder path to retrieve
Dim UserFolder As String
UserFolder =
Environment.GetFolderPath(Environment.SpecialFolde r.ApplicationData)
'etc, etc.

'The following statement accesses network, logon
'and other user type data. Iterate as needed to
'look at the variables - 36 Total
Dim UserEnvironmentVariables As System.Collections.IDictionary
UserEnvironmentVariables = Environment.GetEnvironmentVariables()
'
'Dim de As DictionaryEntry
'For Each de In environmentVariables
' Console.WriteLine(" {0} = {1}", de.Key, de.Value)
'Next de

'return the desired data
Name = UserName
OSversion = UserOSVersion
MachineName = UserMachineName

End Sub

Regards and thanks

Mike

"Vagabond Software" <vagabondsw-X-@-X-gmail.com> wrote in message
news:Oh*************@TK2MSFTNGP15.phx.gbl...
"Mike C" <Mi***@discussions.microsoft.com> wrote in message
news:22**********************************@microsof t.com...
Carl

Thanks for the reply

Following is a code snippet from my main sub. The policy ecxception error
which is picked up by the local machine arises at the first call to to
get
system and environment information.

The CAS then throws up the debug screen locally before the "catch" can
activate

code follows:

Public Sub Main()
'
'Allow XP style Forms to be viewed on User screen
Application.EnableVisualStyles()
Application.DoEvents()
'
'Get the user and machine environment data
'
Try
Get_UserSystemInfo(USER_PROCESSOR_TYPE)
Get_UserEnvironment(USER_NAME, USER_OSVersion, USER_MACHINE_NAME)

Try
'Windows 2000, XP
Get_UserMemoryStatusEX(USER_SYSTEM_MEMORYEX,
USER_AVAILABLE_SYSTEM_MEMORYEX)

Catch ex As Exception
' Do Nothing if API call fails
End Try
'
Catch ex As System.Security.Policy.PolicyException
'
'if the user has installed the program on one computer within a
network
'environment and attempts to run the program from a different
machine
within
'the network then the system.permissions exception will be caught
here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'

Catch ex As Exception
'
'if the user has installed the program on one computer within a
network
'environment and attempts to run the program from a different
machine
within
'the network then the system.permissions exception will be caught
here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'
End Try

etc
etc

end sub


Mike,

That code looks like it should be working. Are your Get methods making
calls into another assembly? Is your .NET security configured correctly
for that application?

http://www.code-magazine.com/article...0405031&page=1

carl

Feb 14 '06 #6

P: n/a
Carl
ignore the " ' " in front of the assembly in the info below ie line should
read
<Assembly: PermissionSetAttribute(SecurityAction.RequestMinim um,
Name:="FullTrust")> Had commented it out trying to solve issue with no luck
Mike

"Michael" <mc********@houston.rr.com> wrote in message
news:yN******************@tornado.texas.rr.com...
Carl

Once again thanks - working on this for several days and getting nowhere

Here's the info you asked for. Note that I included the both GET subs in
their entirety even though this program only extracts limited info needed.

Also note
a) if I set the local machine Intranet zone permissions to "Full Trust"
program works without generating a policy exception
b)if I create a new zone with "Full Trust" and import the program "key"
the program works without generating a policy exception

Assembly - Security and Signing Follows:

'Sign the Assembly
'strong name key [MyProgram.snk] created with sn.exe. Key must reside
'in the same folder as the Visual Studio Project.
<Assembly: AssemblyKeyFileAttribute("MyProgram.snk")>
'
'Deploy the Assembly requesting FullTrust Permissions
'<Assembly: PermissionSetAttribute(SecurityAction.RequestMinim um,
Name:="FullTrust")>

The two Get subs Follow:

1)Get System Info

'Use Windows API to get User System Memory Status
Public Declare Sub GetSystemInfo Lib "kernel32.dll" (ByRef lpSystemInfo
As SYSTEM_INFO)

Public Sub Get_UserSystemInfo(ByRef ProcessorType As String)

Dim SysInfo As SYSTEM_INFO
GetSystemInfo(SysInfo)

Dim UserProcessorType As String = SysInfo.dwProcessorType.ToString

ProcessorType = UserProcessorType

End Sub

2)Get User Environment

Public Sub Get_UserEnvironment(ByRef Name As String, ByRef OSversion As
String, ByRef MachineName As String)

'PROCESS
Dim UserProcess As Process = Process.GetCurrentProcess

Dim UserProgramName As String = UserProcess.ProcessName
Dim UserPagednoMem As Long = UserProcess.NonpagedSystemMemorySize
Dim UserPagedMem As Long = UserProcess.PagedMemorySize
Dim UserPagedpeakMem As Long = UserProcess.PeakPagedMemorySize
Dim UserPagedsysMem As Long = UserProcess.PagedSystemMemorySize
Dim UserPeakMem As Long = UserProcess.PeakWorkingSet
Dim UserPrivateMem As Long = UserProcess.PrivateMemorySize

'PROCESS MODULE
'The following retrieves the name of the Program
'base module and all dll's loaded with the process
'along with their physical size and other properties.
Dim UserProcessModule As ProcessModule
Dim UserProcessModuleCollection As ProcessModuleCollection =
UserProcess.Modules
'example - get memory used by loaded dll modules
'ModuleMemorySize does not include any additional
'memory allocations that the module makes once
'it is running; it includes only the size of the
'static code and data in the module file.
'The Base Module represents the static program code.
Dim i As Integer
Dim total As Integer
For i = 0 To UserProcessModuleCollection.Count - 1
UserProcessModule = UserProcessModuleCollection(i)
total = total + UserProcessModule.ModuleMemorySize
Next

'ENVIRONMENT
'Gets the amount of physical memory mapped to
'the process context.
Dim UserMemory As Long
UserMemory = Environment.WorkingSet

'Gets the NetBIOS name of this local computer.
Dim UserMachineName As String
UserMachineName = Environment.MachineName

'Gets an OperatingSystem object that contains the
'current platform identifier and version number.
Dim UserOSVersion As String
UserOSVersion = Environment.OSVersion.ToString

'Gets the fully qualified path of the system directory
Dim UserSysDirectory As String = Environment.SystemDirectory

'Gets the user name of the person who started the
'current thread
Dim UserName As String
UserName = Environment.UserName

'Returns an array of string containing the names of
'the logical drives on the current computer, i.e.,
'"A:\", "C:\" etc
Dim UserLogicalDrives As String()
UserLogicalDrives = Environment.GetLogicalDrives

'The system special folders are folders such as Program Files,
'Programs, System, or Startup, which contain common
'information. Special folders are set by default by the
'system, or explicitly by the user, when installing a version
'of Windows.
'The GetFolderPath method uses these enumerated constants
'to designate the special folder path to retrieve
Dim UserFolder As String
UserFolder =
Environment.GetFolderPath(Environment.SpecialFolde r.ApplicationData)
'etc, etc.

'The following statement accesses network, logon
'and other user type data. Iterate as needed to
'look at the variables - 36 Total
Dim UserEnvironmentVariables As System.Collections.IDictionary
UserEnvironmentVariables = Environment.GetEnvironmentVariables()
'
'Dim de As DictionaryEntry
'For Each de In environmentVariables
' Console.WriteLine(" {0} = {1}", de.Key, de.Value)
'Next de

'return the desired data
Name = UserName
OSversion = UserOSVersion
MachineName = UserMachineName

End Sub

Regards and thanks

Mike

"Vagabond Software" <vagabondsw-X-@-X-gmail.com> wrote in message
news:Oh*************@TK2MSFTNGP15.phx.gbl...
"Mike C" <Mi***@discussions.microsoft.com> wrote in message
news:22**********************************@microsof t.com...
Carl

Thanks for the reply

Following is a code snippet from my main sub. The policy ecxception
error
which is picked up by the local machine arises at the first call to to
get
system and environment information.

The CAS then throws up the debug screen locally before the "catch" can
activate

code follows:

Public Sub Main()
'
'Allow XP style Forms to be viewed on User screen
Application.EnableVisualStyles()
Application.DoEvents()
'
'Get the user and machine environment data
'
Try
Get_UserSystemInfo(USER_PROCESSOR_TYPE)
Get_UserEnvironment(USER_NAME, USER_OSVersion, USER_MACHINE_NAME)

Try
'Windows 2000, XP
Get_UserMemoryStatusEX(USER_SYSTEM_MEMORYEX,
USER_AVAILABLE_SYSTEM_MEMORYEX)

Catch ex As Exception
' Do Nothing if API call fails
End Try
'
Catch ex As System.Security.Policy.PolicyException
'
'if the user has installed the program on one computer within a
network
'environment and attempts to run the program from a different
machine
within
'the network then the system.permissions exception will be caught
here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'

Catch ex As Exception
'
'if the user has installed the program on one computer within a
network
'environment and attempts to run the program from a different
machine
within
'the network then the system.permissions exception will be caught
here.
'
MessageBox.Show(Get_Msg("50019", "", "", "", ""), _
"Name", MessageBoxButtons.OK, MessageBoxIcon.Error)
'
'terminate the program
End
'
End Try

etc
etc

end sub


Mike,

That code looks like it should be working. Are your Get methods making
calls into another assembly? Is your .NET security configured correctly
for that application?

http://www.code-magazine.com/article...0405031&page=1

carl


Feb 14 '06 #7

This discussion thread is closed

Replies have been disabled for this discussion.