I'm not exactly sure what you mean by your question, but some comments inline
-----Original Message----- From: Matthew [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 10:14 AM To: [EMAIL PROTECTED] Subject: [ADVANCED-DOTNET] Code Access Security and Dowloaded Assemblies I'm a little fuzzy on a few code access security basics. It seems like a reasonable approach (essentially a "configurable sandbox") but I'm not exactly sure how .NET determines the evidence for an assembly. Some information could come from the strong name (that's simple enough), but what about the security "zone" (intranet/Internet/local)? For example, I'm trying out a few different deployment methods with a distributed application. Which ones of these could cause the downloaded assembly to have a new zone (and thus restricted permissions, unless I specifically modify the security policy): * Dynamically retrieving an assembly from a web service as an array of bytes, then saving it to disk and running it with Assembly.LoadFrom() and a local path. <John Cavnar-Johnson>This assembly would run from the MyComputer Zone</John Cavnar-Johnson> * Downloading and running a "shadow copy" of an assembly using the Assembly.LoadFrom() method with a URI to a remote server. <John Cavnar-Johnson>This would run the assembly from the zone of the remote server</John Cavnar-Johnson> * Using the codeBases attribute in a configuration file to specify a remote computer URI for updates to an assembly. <John Cavnar-Johnson>Not sure what you mean here. If you load the assembly from a URI, it belongs to the zone of that URI.</John Cavnar-Johnson> My thinking is that the zone evidence will change for the last two, but not the first one. Is this right? Thanks, Matthew You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
