Hi
this is a discussion between me and me to understand isolated storage issue. can you help me to convince me about isolated storage!!
This is a code written in windows form app (reader) that read the isolated storage of another win form app (writer) which is signed. where is the security if the reader can read the writer's file, I thought only signed code can access the file!
If all .Net applications born equal and have all permissions to access Isolated storage, where is the security then? If I can install and run Exe from isolated storage, why I don't install a virus and run it, I am trusted to access this area. but the virus or what ever will not be trusted to access the rest of file system, it only can access the memory, and this is dangerous enough.
I cannot see any difference between using app data folder to save the state and using isolated storage except a long nasty path!!
I want to try give low trust to Reader code and retest, but they said "Isolated storage is actually created for giving low trusted application the right to save its state".
Reader code:
private void button1_Click(object sender, EventArgs e)
{
String path = @"C:\Documents and Settings\All Users\Application Data\IsolatedStorage\efv5cmbz.ewt\2ehuny0c.qvv\StrongName.5v3airc2lkv0onfrhsm2h3uiio35oarw\AssemFiles\toto12\ABC.txt";
StreamReader reader = new StreamReader(path);
var test = reader.ReadLine();
reader.Close();
}
Writer:
private void button1_Click(object sender, EventArgs e)
{
IsolatedStorageFile isolatedFile = IsolatedStorageFile.GetMachineStoreForAssembly();
isolatedFile.CreateDirectory("toto12");
IsolatedStorageFileStream isolatedStorage = new IsolatedStorageFileStream(@"toto12\ABC.txt", System.IO.FileMode.Create, isolatedFile);
StreamWriter writer = new StreamWriter(isolatedStorage);
writer.WriteLine("Ana 2akol we ashrab kai a3eesh wa akbora");
writer.Close();
writer.Dispose();
}