Hi,
I am experimenting with windows form. I tried to embed dll file in Internet Explorer and I run into Security Permission issue. The dll can't run.
So I do some research and finally find a way to do it.
Assign strong name to the .dll file. Then put the .snk strong name key file and .dll file together in a directory, use the .NET security configuration tool and increase the assembly trust to full trust. Then I am manage to run the .dll without any permission issues.
But what I am not too sure is, since I wish to distribute this .dll file from internet through internet explorer, I believe not every user on the client side would have actually configure my .dll to have full trust on their machine. And if it is the case they would run into security exception.
Is there anyway to set the security level using coding but not manually through .NET security configuration tool 
Regards,
Leo
Embedding .dll file in Internet Explorer
GDigrego
Thanks alot for your helpful pointer. I will try to study about it. But just to double check with you.
Say if the user machine has no "read" directory permission to read the file inside the directory by default on .NET security settings, would I still be able to "manipulate" using my security codes to actually make my .dll able to read the file from the directory
Or will I be "restricted" because of the user's .NET security settings
If I can't manipulate some security settings on my own using .NET codes, I find it no point to write the whole program. Because not every user would know how to change the .NET default security settings according to my .dll file needs.
Your help will be very much appreciated.
Ruprect8696
This certainly is a great idea and I believe it will works. But this mean, if the .NET security setting is not at 'FULL TRUST' it seems that I cannot perform certain task in coding means. I must somehow get the user invovle to do something so that it will actually run correctly, for your example is a .bat file. Got it. Very much appreciated about your opinion.
jhidey
Hi Leo
The .NET security policy settings itself are protected by the normal Windows Filesystem permissions (ACLs on a NTFS volume). By default only Administrators and Power Users are allowed (by the OS) to change these settings.
To change the policy you will need:
- the the code must get ppropriate CAS permissions AND
- the user running your code must have the appropriate rights on the PC.
I'd do the following:
If you detect that you're not running at 'FullTrust' (for instance by catching the SecuityExceptions) show an error message. This error messge sould contain some instructions how to fix the problem.
Create a batch file containing the required caspol.exe calls to enable full trust on your assembly. Instruct the user to download this file to his machine and run the script.
Hope this helps
Michael
Rohit Ghule
Hi Leo
You cannot change the CAS policy within your DLL directly.
The easiest way to change the security policy is by using caspol.exe.
Details see here: http://msdn2.microsoft.com/en-us/library/cb6t8dtz(VS.80).aspx
If you want to do this in code, use the classes in the System.Security namespace to do the job.
A good starting point is here: http://msdn2.microsoft.com/en-us/library/system.security.securitymanager.aspx
Hope this helps
Michael