Permission Set XML for a Custom Trust Level

Secure ASP.NET

Permission Set XML for a Custom Trust Level

By Don Kiely

I ve written a lot in this Secure ASP.NET column aboutpartial trust ASP.NET applications. Simply put, if you deploy a Web applicationusing the default Full Trust, you deserve whatever abuses hackers rain down onyour site. You ve bypassed one of the most powerful techniques Microsoft hasmade available to protect your site and users. Shame on you!

Here s a brief recap of partial trust ASP.NETapplications. By writing and deploying an app with partial trust, you arelimiting what the code can do to a small subset of all the permissionsavailable within the .NET Framework. This restricts the app even beyond whatWindows will allow it to do. This means that when a hacker gets control of yoursite (and don t think they won t), s/he will be severely restricted in whatdamage s/he can cause. Simply put, partial trust apps implement the securityprincipal of least privilege, in which the code gets the permissions it needsto do its job, and absolutely no more. Sure, it s a bit more work but aren tyour app, your server, your network, and your users worth it? Not to mentionyour job?

But just like running as a non-admin on your desktopmachine (you do, don t you?), writing partial trust Web apps requires somethought, tricks, and insight into how ASP.NET works. One thing you ll need todo when customizing a policy file is to generate the XML foreach permission in a permission set.

When you customize a policy file to define a custom trustlevel, you need to define a permission set that contains the permissionsgranted for that policy level. Besides the named permission sets FullTrust andNothing, there is an ASP.NET permission set that contains the complete set ofpermissions granted under that trust level. For example, here is a portion ofthe ASP.NET named permission set for the standard medium trust level inASP.NET:

     class="NamedPermissionSet"      version="1"      Name="ASP.Net">                           class="AspNetHostingPermission"                      version="1"                      Level="Medium"      />                           class="EnvironmentPermission"                      version="1"                      Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME"      />                           class="WebPermission"                      version="1">                                                                                          You can find the complete permission set definition in theC:WINDOWSMicrosoft.NETFrameworkv2.0.50727CONFIGweb_mediumtrust.configfile that is installed with .NET.   There is no GUI in Visual Studio, or any other tool that I maware of, that will create this XML for you. You can certainly, with a bit ofwork, come up with the correct XML using trial and error by looking at theproperties of each permission object in the .NET Framework. But the XML is justthe serialization of each of the permission objects. This makes it almosttrivial to create the necessary XML.   The code below is a console application that creates a newNamedPermissionSet object, then creates new permissions and adds them to thepermission set. Then it uses the ToXml method of the NamedPermissionSet objectto get the necessary XML:  using System; using System.Collections.Generic; using System.Security; using System.Net; using System.Security.Permissions; using System.Text; using System.Web; namespace NamedPermSetXML{ class Program {    static void Main(string[]args)    {      NamedPermissionSetpermSet = new NamedPermissionSet("ASP.Net", PermissionState.None);      AspNetHostingPermission aspPerm =         newAspNetHostingPermission(AspNetHostingPermissionLevel.Medium);      permSet.AddPermission(aspPerm);      EnvironmentPermissionenvPerm =         newEnvironmentPermission(EnvironmentPermissionAccess.Read,          "TEMP;TMP;USERNAME;OS;COMPUTERNAME");      permSet.AddPermission(envPerm);      WebPermission webPerm=         newWebPermission(NetworkAccess.Connect, "$OriginHost$");      permSet.AddPermission(webPerm);      Console.WriteLine(permSet.ToXml().ToString());     Console.Read();    }  } }   The resulting XML is a little fancier than what you need,with the full strong name of each permission class. And I cheated a bit.Because I used the policy file variable $OriginHost$, the serialization addedleading and trailing slashes as escape characters. But otherwise, the XML iswhat you need for a policy file, even though the formatting is not very humanreadable:    DonKiely, MVP, MCSD, is a senior technology consultant, building customapplications as well as providing business and technology consulting services.His development work involves tools such as SQL Server, Visual Basic, C#,ASP.NET, and Microsoft Office. He writes regularly for several trade journals,and trains developers in database and .NET technologies. You can reach Don at mailto:[email protected] and readhis blog at http://www.sqljunkies.com/weblog/donkiely/.