September 18th, 2003, 04:06 AM
Security policies and .NET "Applets"
I'm currently developping a browser-run winform IRC Chat Control. (.net activex controls or .net applets)
Now that control uses sockets so the user needs to do a whole bunch of security steps before it will run.
I've been able to make it work for the user by :
1) Configuring IE and adding http://max.dotnet11.hostbasket.com/ (the site the chat runs on) as trusted site.
2) Granting full trust in the .NET Framework configuration's "adjust security" wizard.
I know the Full trust permission set is a bit of an overkill , but it doesn't matter right now.
So every potential user has to go to the Control Panel and fiddle with settings. That can't be how it should be done!?
Is there an equivalent to Signed ActiveX Controls? A better way to do the above , with minimal to none user intervention?
I'm currently investigating Deployment Packages , which is supposed to be an msi users have to run that updates their .net security policies. So I tried making one that adds an IRCChat codegroup at machine level. This codegroup uses a hashcode of the assembly as evidence to grant full trust. I even used the "evaluate assembly" wizard to make sure my assembly gets that grant and it does. But it didn't work. Apparantly I can only make it work by changing the security policies for the internet zone to full trust. Which is ofcourse unacceptable and It would be irresponsible to make my users run that .msi installer.
It's really hard to find good information about this on the net.
What is the correct name for .net "applets"?