Help me please: I have an Windows .net application that moves a file from subdirectory, this file is an image that is showed by picturebox control, but sometimes send me this: Uncontroled Exception type 'System.IO.IOException' in mscorlib.dll Adicional Information: The Proccess can´t...more >>

There is a problem in this KeyPal .NET application: http://www.jensign.com/JavaScience/dotnet/keypal This application uses Pinvoke to CryptoAPI to enumerate capi keycontainers and detect which certs in the MY store have an associated private key. SOurce code is at: http://www.jensign.com...more >>

I've created an app with a plugin structure which works if I trust the plugin-author. Next I want to allow untrusted plugins to run under strict access conditions. I'm already loading the plugins into a secondary AppDomain, and I can set code access security on this secondary appdomain to t...more >>

I am workign with a small intranet app for a customer and we've decided to use Hosted WinForms controls for several really complicated code we have. I can host the controls fine (much easier than I thought actually). But I can't do certain work without elevating the CAS and Zone permissions. ...more >>

A number of folks have asked about using exported keys from either OpenSSL (PEM or otherwise) or Java 2 (PublicKey.getEncoded()) from .NET 1.1 or higher. It is possible to use various versions of Pinvoke to capi for this, but it is also possible to directly parse the standard asn.1 encoded publ...more >>

This is my Web service Client. The filename is MathService.apsx. I use web client to invoke my web service.The coding is below: Public Class Math Inherits System.Web.UI.Page Dim obj As New LoginForm Public Token As UsernameToken = Nothing Private Sub cmdAdd_Click(ByVal sender As System...more >>

how to forcfully kill a running process by executable name with a .net application? ...more >>

A while back I had a customer that wanted to host a Dot Net web site on one of my servers. We went ahead and installed v1.1, the customer was happy and didn't seem to have any problems. Then we had a second customer who wanted Dot Net on their web site and we found that the two users could then...more >>

There are tons of posts on this and I have read them all at least twice, but still am having trouble. For now, never mind security, if I can get this to work, I'll start re-applying restrictions. Goal: Run an exe file, like Notepad.exe, from ASP.NET 1.1, on a Win 2003 Server I have: S...more >>

I have a client app that remotely connects to a service app via .NET Remoting using NTLM (custom sinks that do SSPI for .NET 1.1). The service reads some files while impersonating the client. Works great if file is on the same computer as the service. A customer wants to move files to remot...more >>

Hi, I created a simple vb.net application which, on a click of a button, it calls a simple web service (which i also created). On call, i get a security exception System.security.SecurityException: Request for the permission of type system.net.WebPermission, system, version=1.0.5000.0, ...more >>

Hi, I have requirement where I have to elevate CAS just before i make a call to a com+ server. so it's like Myfunction() { Statemen ts to elevate CAS make com+ call Statemen to revert CAS } Instead of duplication the code in all methods I though ..I will extract out that code ...more >>

I have obtained my pvk file and my spc file and I think I have everything that I need to be able to sing my ClickOnce files or any other files that I would like to distribute. When creating my ClickOnce files, the utility is prompting me to select either a pfx or a p12 file, I did some rese...more >>

Hello, I have the following situation: Assembly A.dll have some routine inside that application B.exe uses. I waht to prevent other people from loading A.dll and call the method with the routine. For that, I make A.dll and B.dll strong named, and the method "String SensitiveRoutine()" ha...more >>

Hi We are running an application on a Metaframe Server with Nt-Server 2003. We are having a security issue, that the from us developped application (VS-2003) only runs when the current user has administrator rights. What could be the problem? Any help is greatly appreciated! All the bes...more >>

Hi, I'm developing a Windows Control Library to use as Smart Client in a ASP.NET application and one of the tasks of my custom control is call a WebService. So, when i try to call the WebService using my control through the IE, i get this exception: System.Security.SecurityException: Reques...more >>

Hi, I'm writing an outlook 2003 plugin and encountered a problem. I'm creating a new AppDomain in order to load an assembly into it. I don't want to have this .dll loaded in CurrentDomain, so I can replace the file after unloading additional domain. I'm using addDomain.Load(bytes[]) method...more >>

Hello, I have a question about the configuration of tasks and operations, and how they are interpreted by the "Authorize" method of the security application block. I have created an operation called "Print" and two tasks called "Access Financial Information" and "Print Check". The def...more >>

I'm trying to enumerate the acls on various directories, and on a couple of them, I get a System.ArgumentException stating "The binary form of an ACE object is invalid. Parameter name: binaryForm" All I'm doing is the following: DirectorySecurity sec = new DirectorySecurity(path, AccessCon...more >>

Hey, I'm not sure if this can be done, but here's what I require: I have a windows application that needs to be secured in a code group with limited permissions to write to a log folder, and to download certain files before startup. Issue is that this happens to be running on a restricted ...more >>

I need to design a custom security Authentication and Authorization framework that is unified for both windows and web applications. A number of articles, including this one, http://www.codeguru.com/csharp/csharp/cs_misc/security/article.php/c7415/ detail implementing custom IIdentity and IPrinc...more >>

Hi, I am using .net 2.0 on windows xp (sp2). I wrote following code to import the certificate into my store name in local machine location: X509Store myStore = new X509Store(StoreName.My, StoreLocation.LocalMachine); myStore.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadWrite); X509Cer...more >>

I have an assembly that I wrote in .NET 2.0 for Reporting Services. It essentially attaches to an Oracle DB and gets back a dataset. I tried it out by a test windows application and it worked fine, however when I try and run it within Reporting Services I get... System.Security.SecurityEx...more >>

When I run fxcop against my vb app (MyApp, FW 1.1, a vb winforms program), I get some complaints about LinkDemands, namely: "Do not indirectly expose methods with link demands" What am I supposed to do about this? I have read a lot of material about this and I have no clue as to what I a...more >>

I have a web application that allows users to download their data to a file on their computer. Then at a later time they can upload the file back to the web server and continue working. The file is in XML format. I want to find a simple way to encrypt the file before I stream it down to their...more >>

Hi, I am trying to prevent reflection access to my dll. the dll have one class name Class1: public class Class1 { private int n; public int Value { get { return n; } } } I added an attribute to the AssemblyInfo.cs: [assembly: ReflectionPermission(SecurityAction.Re...more >>

Hi (I am not sure I posted this in the right forum, if not please let me know :) I am running my IIS60 Application with a custom user Idendity in the "Application Pool" - meaning not "Network Service" account. I get this error : ************ Unspecified error: Error while parsing "http:...more >>

Dear Experts, I've created a Console application to perform a checking of an Excel file. During development using vb.net in Visual Studio 2005, the application is running fine. I can get my expected result. Then I move the executable files and related *.dll files into a server to schedule f...more >>

after I changed the permisssion set of All_Code to "nothing" , I can't set the .net configuration anymore? even the Caspol.exe tool can't work anymore. it just shows that "System.Security.Policy.PolicyException" error? and the Microsoft .NET Framework 1.1 setting in Control Panel also can't...more >>

Hi, I'm (still) developing a secure app. So I have a connectionstring in my web.config. That string is encrypted. So I decrypt it when I want to use it. No problem. But I also have some other info in the web.config. The app uses integrated security, and I have <allow roles> = "<some_Activ...more >>

I think I put this in the wrong group (aspnet.security), reposting here. Sorry: I've been looking at this off and on for a few days now and can't figure out how to simply move a keycontainer from one machine to another. I've tried several things: * creating a pfx file and importin...more >>

I have a .Net 2.0 Client/Server application using .Net 2.0 Remoting. The users provide their credentials by the client's UI. The server authentication is via Kerberos for intranet users, NTLM for external users (via username\pwd\domain credentials). The goal is to have minimal config settings...more >>

Hi, I am trying to impersonate a local user on windows 2000 server in vb.net application using following piece of code Public Class ADVAPI32 ' LogonUser call Public Declare Auto Function LogonUser Lib "advapi32.dll" _ (ByVal lpszUserName As String, ByVal lpszDomain As String...more >>

Hello everyone, I need to convert some code that works with CryptoAPI using advapi32.dll to C#.NET and to use System.Security.Cryptography. The question is what is the analog for CryptImportKey API? In the old code they giving to this CryptImportKey a private key which is byte array 596 bytes...more >>

I have a problem with some code in an assembly that use RSA.ImportParameters(). If the assembly is used in a WinForm application it's fine, but I'm having troubles when it's used in ASP .NET. The code is something like this: ..... ..... RSA rsa = RSA.Create (); rsa.ImportParameters (para...more >>

Hi, I have a rich Forms UserControl which is embedded into a web page. Since installing .NET 2.0 on the clients, the control stopped loading completly. - I disabled security completly using caspol -s off => no effect - I enabled fussion logging => no single entry generated - I enabled the ...more >>

Hello group I'm trying to list the users and groups who has read access to a file. I use .NET 2.0 and FileInfo.GetAccessControl().GetAccessRules(...) and then loop through the FileSystemAccessRule objects. Using these objects, I can get the NTAccount object using the IdentityReference prope...more >>

HI, im trying to get a string hashed, im trying to use the example: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/cryptosimplified.asp my problem is that even if i have a string that is 20 characters long and a salt that is 80 characters, the output is still on...more >>

NEED Solution for mscorcfg. Please help, I need a MS solution for the mscorcfg.msc control panel applet on .NET 2.0. without having to download the SDK. I have tried a solution denoted below to deploy the mscorcfg.msc, but it does not work on a machine with JUST .NET 2.0. (No 1.0 or 1.1)...more >>

Hi, Does a normal user have permissions to add a code group to the USER node of the .NET Runtime Security Policy(mscorcfg.msc) using a caspol batch file. Thanks Nen ...more >>

I am using AuthenticateAsServer and AuthenticateAsClient between a TCPClient and TCPListener on two different XP Pro PC's running under a workgroup. 1. The server throws the following exception if ProtectionLevel is set to EncryptAndSign on both PC's. 'A security requirement was not fulfill...more >>

Hi Is it possible to check a certificate against the CRL with the new X509Certificates class in .NET 2.0?? So that I know if the certificate is revoked or not still valid... Thanks Dominik Zemp...more >>

I=B4ve made a desktop application in C# (.NET 1.1) and now I would like it to run in a local intranet. I know that I can change the .NET configuration on each client and give the specific application FULL_TRUST permission on the machine ... but isn=B4t there an easier way ?? Each assembly in ...more >>

In some instances I encrypt data and store it in my SQL Server 2000 database along with an intialization vector. For example, this is a great way to store Social Security Numbers. The encryption is handled by the software (VB.NET). However, what if I need to find a record based on a user ...more >>

HOWTO Run CASPOL for full trust on UserControl. Please help, I have made a .NET UserControl (.NET 2.0), that I intend to run from a web page. At the moment, the only way I know to grant my UserControl the security it needs to run is to use CASPOL as such: caspol -machine -chggroup Trust...more >>

When my app gets run from a network drive, I get a unhandled SecurityException before the main() procedure is called as assemblies are preloaded. I can probably find a way to deal with this through ClickOnce deployment assistance. However, it then crashes inside Kernel32. Is there any way...more >>

How do I progamaticaly verify whether the current user has write permissions to a given folder using .NET? thanks s ...more >>

I am using .NET 2.0 and am writing an app that imports data from a previous version. One field in the old database stores data encrypted using CAPICOM that I would like to decrypt. I don't want to reference the CAPICOM.dll (which is version 2.0.0.3) using Interop and would like to do this en...more >>

Hi, I've created a web application and through this I want to import Excel data to database. Following is the code that I've written, ******************************************************************* string fileLocation = txtboxFileName.Text.ToString(); string sheetName = "Import"; str...more >>

Dear all, I am trying to get the Process UserName by using System.Enviorment.Username, I have no problem by normal "run" and by "runas". I can get the process Username with correct value. However, I try to use "runas /netonly" to execute the program I developed, I found out that it is returnin...more >>