Hello all,
I've been meaning to post on here for a while but always find the information I need; up untill now of course! I would appreciate any help you may be able to offer in regards to code access security, and in particular dll's on a network share.
I am looking for a way to dynamically load assembles for reflection, instantiation, and invocation from an unknown network share at runtime.
I have searched the forums and understand that as of .NET 3.5 SP1, assemblies will execute on a network share with full trust. This appears to be targetted at .exe files and not .dll's.
I understand why this is happening, what code trust is, and how CasPol and the '.NET Framework 2.0 Configuration' tool works. I am able to modify the policies in order to obtain full trust in a test environment for a specific share, although I won't know the exact network share after deployment.
I am unable to utilise any of the in-built membership conditions, such as strongly signed, url, certificates and what-not.
I understand that I can implement a custom condition type by implementing the IMembershipCondition interface and jumping through a few hoops.
Based on the above information I would like to implement a custom membership condition (in C#), however this appears to be a rather involving task, and there doesn't appear to be much information available from Microsoft or on t'internet. Currently I don't understand how you put 'Evidence' into an assembly so that it can be identified, nor do I understand how this Evidence is exposed during policy evaluation and how to write this programmatically.
I would like to implement for example, a policy which identifies all assemblies that have an assembly attribute of type AssemblyCompany with a value of 'My Company', i.e. [assembly: AssemblyCompany("My Company")]. This is not exactly what I intend to implement but it would help me to understand how the mechanism works.
I knew nothing about code security prior to tackling this product request, and as you can probably deduct, I've been extensively working my way through and found as much information as I can on the topic, but I am now stuck.
Have you implemented your own IMembershipCondition adapter? Do you have any links to a comprehensive guide on how to do this? Can you provide a working example?
Thank you for reading through my (long) post, and please help me! :D