Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / Security / May 2005

Tip: Looking for answers? Try searching our database.

Check for certian privileges

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
john conwell - 12 May 2005 17:36 GMT
I need to check if the user of the app has IO and Registy rights.  How do I
"Assert" that the current user of a WinForm app has these rights?

Thanks,
John
Reply to this Message
john conwell - 12 May 2005 18:24 GMT
Let me expand on my question.  From what i understand CAS checks if the
calling assembly has rights to a certian resource.  But what about plain ole
fashioned user rights?  Does CAS check that too?  If the assembley has full
trust, but the user does not have rights to the registry, how can I check if
the user has rights or not?

> I need to check if the user of the app has IO and Registy rights.  How do I
> "Assert" that the current user of a WinForm app has these rights?
>
> Thanks,
> John
Reply to this Message
Joe Kaplan \(MVP - ADSI\) - 12 May 2005 18:41 GMT
CAS does not check NT security.  It checks the rights of the code to do
certain operations, not the user running the code.

The easiest and most reliable way to check check access to NT protected
resources is to try to open them and catch the UnauthorizedAccessException
that might happen.  If you want to do this programmatically, you probably
want to be looking at p/invoke on the AccessCheck API function.

Joe K.

> Let me expand on my question.  From what i understand CAS checks if the
> calling assembly has rights to a certian resource.  But what about plain
[quoted text clipped - 11 lines]
>> Thanks,
>> John
Reply to this Message
john conwell - 12 May 2005 19:16 GMT
Thats what I was afraid of. I am really under the belief that using try/catch
to control process flow is BAD practice, but I dont think I have another
choice.

"Joe Kaplan (MVP - ADSI)" wrote:

> CAS does not check NT security.  It checks the rights of the code to do
> certain operations, not the user running the code.
[quoted text clipped - 21 lines]
> >> Thanks,
> >> John
Reply to this Message
Joe Kaplan \(MVP - ADSI\) - 12 May 2005 21:18 GMT
I totally agree.  However, in this case, the only way to be 100% sure is to
try it.

AccessCheck is viable though and might not be that hard to do.  Check
pinvoke.net to see if anyone has already written a wrapper.

Even if you use AccessCheck to verify access, the ACL on the object could
certainly change between the time you check it and the time you go to access
it, so you still need the try/catch.  The resource could also get deleted
out from under you for that matter.

Best of luck,

Joe K.

> Thats what I was afraid of. I am really under the belief that using
> try/catch
[quoted text clipped - 32 lines]
>> >> Thanks,
>> >> John
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.