Hello All.
I'm starting work on a Windows Forms application -- still in the design stages -- and I'm at the point of laying out the security considerations.
The anticipated deployment scenarios are:
1) Distribute the .msi package via Web or removable media
2a) Deploy to a single client machine, or
2b) Deploy to a LAN, either client/server or peer-to-peer.
My security question pertains to the LAN deployment scenario. Now, I'm making the assumption that a standard user on a LAN will very likely be running under the "LocalIntranet" permission set, which forbids calls to unmanaged code.
However, the Application.Exit() method requires permission to call unmanaged code. Now, as I see it, I can do one of several things to work around this, like requiring the Administrator to elevate the permissions on this application, or elevate each user's permissions, or deploying a copy of the app locally to each machine on the LAN (allowing it to run with higher permissions).
Here's my question (finally):
Is there seriously no way to exit an application with managed code
Code Access Security
IanO
Michael Taylor - 10/28/06
jayaraja
Hello All.
Michael:
Thanks for your reply. Works like a charm. You wouldn't happen to know if MS is planning a Wiki for Windows Forms like the one for C# Online, would you Because that would certainly be the place for bizarre little gems like this one.
Thanks again for your reply.
ragc
Yes you are correct that running an app over the network would run in the LocalIntranet zone. And yes you can not arbitrarily close the application using Application.Exit. However I don't know exactly what benefit you'd get from using this method anyway. Normally to close an application you simply close the main form. This will automatically close the application and can be done in the limited zone.
Michael Taylor - 10/27/06
mranzani
Hello All.
Michael:
Thanks for your reply. Yes, perhaps I should have been more specific with my question. I know that I can fallback through all of the open forms and end up closing the main form to end the application.
The reason that I wanted to use Application.Exit() is that, at the anticipated point in the execution, several forms will likely be open, and that method handles all of the Close event notification for me.
I realize that I can (and will have to) write an AppClosing event and have all of the forms subcribe to that event; it just seems a little hinky to have to duplicate the functionality of Application.Exit() solely because it is based on unmanaged code.
Thanks again for your reply.
vahdam_mn
There is an alternative. The overload of Application.Exit that accepts an argument does not require managed code privileges. Ironically Application.Exit() calls the overload with null. It looks like an oversight on MS as far as this method needing the privilege because it doesn't actually use unmanaged code. Nevertheless use Application.Exit(null) and your code should work.
Michael Taylor - 10/27/06