Geeks With Blogs
Saqib Ullah BootStrapper Know How
In my last blog post we looked at web application trust levels and how to configure the trust level for an application. Strong-named assemblies must be stored in the GAC (short for global assembly cache). By default, strong-named assemblies do not grant access to partially trusted code, because strong-named assemblies in the global assembly cache are highly visible. What happens when a partially trusted application calls a fully trusted assembly? If the assembly is marked with the APTCA (short for AllowPartiallyTrustedCallersAttribute) attribute, or the calling application's trust level is set to Full Trust, no security exception is thrown. Applying the APTCA attribute to an assembly opens it to luring attacks. It is the developer's responsibility to carefully evaluate the code before applying the attribute. Applying the attribute to an assembly without a strong name has no effect.
 
[assembly: AssemblyKeyFile("..\\..\\keyPair.snk")]
[assembly: AllowPartiallyTrustedCallers]
 
Note: Applying the APTCA attribute above to the assembly makes it callable from partially trusted callers. Any assembly without AllowPartiallyTrustedCallersAttribute is callable only from a fully trusted application.
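
An audit check for the note above, as an added example (not code from the original post): it inspects every DLL in a folder without executing it and reports which ones carry APTCA and whether they are strong-named. The class name AptcaAudit and the folder argument are assumptions.

```csharp
using System;
using System.IO;
using System.Reflection;

// Added example: reports assemblies that opt in to partially trusted callers.
public static class AptcaAudit
{
    const string Aptca = "System.Security.AllowPartiallyTrustedCallersAttribute";

    // True when the assembly-level attributes include APTCA.
    public static bool HasAptca(Assembly asm)
    {
        foreach (CustomAttributeData cad in CustomAttributeData.GetCustomAttributes(asm))
            if (cad.Constructor.DeclaringType.FullName == Aptca) return true;
        return false;
    }

    // True when the assembly identity carries a public key token.
    public static bool IsStrongNamed(Assembly asm)
    {
        byte[] token = asm.GetName().GetPublicKeyToken();
        return token != null && token.Length > 0;
    }

    public static void Main(string[] args)
    {
        // Let the reflection-only context resolve referenced assemblies by name.
        AppDomain.CurrentDomain.ReflectionOnlyAssemblyResolve +=
            delegate(object s, ResolveEventArgs e) { return Assembly.ReflectionOnlyLoad(e.Name); };

        string dir = args.Length > 0 ? args[0] : ".";   // assumption: folder to audit
        foreach (string path in Directory.GetFiles(dir, "*.dll"))
        {
            try
            {
                Assembly asm = Assembly.ReflectionOnlyLoadFrom(path);   // metadata only, no code runs
                if (!HasAptca(asm)) continue;
                Console.WriteLine("{0}: APTCA, {1}", Path.GetFileName(path),
                    IsStrongNamed(asm) ? "strong-named (callable from partial trust)"
                                       : "no strong name (attribute has no effect)");
            }
            catch (BadImageFormatException) { }   // native or non-.NET DLL
            catch (IOException) { }               // unreadable, or identity already loaded
        }
    }
}
```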

Internal Working
A quick question that comes to mind: what goes on internally when the APTCA attribute is applied to a fully trusted assembly? APTCA is an attribute that simply tells the CLR to remove the implicit LinkDemand. In CAS, demands are used to ensure that every caller of the code (direct or indirect) has been granted the demanded permission. The stack walk plays a very important role in checking the demanded permission: the .NET runtime security system walks the call stack, comparing the granted permissions of each caller to the permission being demanded. A SecurityException is thrown when a caller without the demanded permission is found during the stack walk. A link demand causes a security check during just-in-time compilation and checks only the immediate caller of the assembly. Because permissions are checked only for the immediate caller of the code, a complete stack walk is not performed.
            When this type of demand is performed, you are open to luring attacks. The MSDN example: “If a method in assembly A is protected by a link demand, a direct caller in assembly B is evaluated based on the permissions of Assembly B. However, the link demand will not evaluate a method in Assembly C if it indirectly calls the method in Assembly A using the method in Assembly B.” The link demand specifies only the permissions that direct callers in the immediate calling assembly must have to link to your code.
When the AllowPartiallyTrustedCallersAttribute attribute is used, all security checks function as intended; it blocks only the implicit fully trusted caller demand.
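
The difference between the two kinds of demand, as an added example that is not from the original post: a console program for the .NET Framework 2.0 to 3.5 CAS model in which Deny stands in for a caller higher on the stack that lacks FileIOPermission. The full demand walks the stack and is stopped by the Deny; the link demand looks only at the grant of the immediate calling assembly and is not affected by stack-walk modifiers. The names Library, WithDemand, WithLinkDemand and UnderDeny are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

// Added example: assumes the .NET Framework 2.0-3.5 CAS model described in the post
// (Deny is not supported by default from .NET Framework 4 onward).
public static class Library
{
    // Full demand: the runtime walks the whole call stack on every call.
    [FileIOPermission(SecurityAction.Demand, Unrestricted = true)]
    public static string WithDemand() { return "demand passed"; }

    // Link demand: checked at JIT time against the immediate caller's assembly only.
    [FileIOPermission(SecurityAction.LinkDemand, Unrestricted = true)]
    public static string WithLinkDemand() { return "link demand passed"; }
}

public static class Program
{
    // Calls the library with FileIOPermission denied on this stack frame,
    // standing in for a less trusted caller somewhere up the stack.
    public static string UnderDeny(bool useLinkDemand)
    {
        new FileIOPermission(PermissionState.Unrestricted).Deny();
        try
        {
            return useLinkDemand ? Library.WithLinkDemand() : Library.WithDemand();
        }
        catch (SecurityException)
        {
            return "SecurityException";
        }
        finally
        {
            CodeAccessPermission.RevertDeny();   // remove the Deny from this frame
        }
    }

    public static void Main()
    {
        Console.WriteLine("Demand:     " + UnderDeny(false));
        Console.WriteLine("LinkDemand: " + UnderDeny(true));
    }
}
```

For an APTCA assembly this is the practical consequence: members that reach sensitive resources need an explicit full Demand, because the implicit link demand that used to guard them is gone.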
 
Practical
Here is a simple C# class, with the AssemblyKeyFile attribute (for the strong name) in AssemblyInfo.cs. We have not yet applied AllowPartiallyTrustedCallers to the assembly.
 
AssemblyInfo.cs file
[assembly: AssemblyKeyFile("..\\..\\keyPair.snk")]
 
TestAPTCA.cs file
using System;
using System.Collections.Generic;
using System.Text;
 
namespace TestAPTCA
{
    public class CallFromWeb
    {
        public string Hello(string name)
        {
            return "Hello " + name;
        }
    }
}
 
Compile the class and place it in the GAC using the gacutil utility from the Visual Studio .NET command prompt,
e.g. gacutil -i "C:\[Projectpath]\assemblyname.dll"
 
 
Calling the assembly from an ASP.NET 2.0 web application
Create a simple web application and add a reference to the TestAPTCA assembly to the project. I use a button and a label control on the page; the code for the Default.aspx class file is below.
 
Default.aspx.cs file
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using TestAPTCA;           // Namespace of TestAPTCA.dll
 
public partial class _Default : System.Web.UI.Page
{
    protected void Button1_Click(object sender, EventArgs e)
    {
        // Calls into the strong-named GAC assembly; Hello is the method CallFromWeb defines.
        CallFromWeb myObj = new CallFromWeb();
        Label1.Text = myObj.Hello("Saqib");
    }
}
 
One last important change: in the web.config file, add the trust level element inside the <system.web> element.
 
<?xml version="1.0"?>
<!--
    Note: As an alternative to hand editing this file you can use the
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in
    machine.config.comments usually located in
    \Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
            <appSettings/>
            <connectionStrings/>
            <system.web>
                        <trust level="High" />
                        <!--
            Set compilation debug="true" to insert debugging
            symbols into the compiled page. Because this
            affects performance, set this value to true only
            during development.
             -->
                        <compilation debug="true">
...
 
When you run the application and click the button, you get the following exception.
 
Exception Details: System.Security.SecurityException: That assembly does not allow partially trusted callers.

The solution to this exception is to add the AllowPartiallyTrustedCallers attribute, found in the System.Security namespace, to the AssemblyInfo.cs file.
 
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System.Security;
 
[assembly: ComVisible(false)]
// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("feebc2d0-6460-40cd-9894-1843f50aa1b9")]
[assembly: AssemblyKeyFile("..\\keyPair.snk")]
[assembly: AllowPartiallyTrustedCallers]
 
...
 
Remove the trust level element <trust level="High"/> from the web.config file and run the application again; this time the application runs without error.
 
 
Posted on Friday, April 13, 2007 4:01 PM | Exceptions, .Net, Security, Web Tech


Comments on this post: Call assembly from partial trust code

# re: Call assembly from partial trust code
In my web application Assembly.cs does not exist, so can I add it? If I add it manually, then what is the GUID for this file?
Left by OP on Jul 31, 2013 1:26 AM

Copyright © Saqib Ullah | Powered by: GeeksWithBlogs.net