.Net and the fallacy of security
.Net purports to be a secure platform, but when I created a .Net setup package and used a custom action I found that I could not run the setup package on a network.
I have a VB.Net installer. The installer program I created
(System.Configuration.Install) handles the various events
like MyBase.AfterUninstall, etc. This program works fine
but when I run the installer on a network resource (a UNC
path) it generates a System.Security.Security exception
before the program even starts. The .MSI installer kicks
off just fine, but throws the exception just when the .EXE
The installer works fine if the UNC drive is mapped, or if a
local drive. Any idea on what may be happening?
The solution may surprise you. It surprised me! The setup package created in VS.Net has to be given permissions to execute from a UNC path, but not from a mapped drive! My users would never go for having to do that. They want to click a link in the email I send or on a web page and have the installer run. Fortunately, there is an easy workaround, but it shows just how crummy the .Net security is.
Here’s the trick: Create a batch file named setup.bat that gives the setup package all the permissions it needs to run on the network. When it is started from a UNC path, it uses CasPol.exe to add a machine-level code group that grants FullTrust to everything under that directory. Here are the contents of the batch file used to set security on .Net 1.1:
@GOTO :START
/******************************************/
/* $Date: 2006/06/09 17:51:05 $ */
/* $Revision: 1.1 $ */
/* $Author: mike $ */
/******************************************/
:START
IF NOT "%1" == "/?" GOTO :TESTOS
ECHO.
ECHO CONFIGNET.BAT - Sets up the .NET configuration
GOTO :END
:TESTOS
IF "%OS%" == "Windows_NT" GOTO :SETLOC
ECHO.
ECHO !!! ERROR: SETUP PACKAGE REQUIRES A WINDOWS NT TYPE OS
GOTO :ERROR
:SETLOC
SETLOCAL ENABLEEXTENSIONS
IF ERRORLEVEL 1 GOTO :SETLOCERR
GOTO :TRIMCMD
:SETLOCERR
ECHO.
ECHO !!! ERROR: COMMAND EXTENSIONS NOT AVAILABLE
GOTO :ERROR
:TRIMCMD
rem Trim the command line to be only a drive letter and path only
SET MYROOTDIR=%~dp0
IF "%MYROOTDIR%" == "" GOTO :RUNSU
rem Test the SETUP DIR to see if we are on a UNC path. UNC paths start with "\\"
rem A UNC path requires us to run caspol to give .NET permissions to run the setup
IF "%MYROOTDIR:~0,2%" == "\\" GOTO :TESTCAS
GOTO :RUNSU
:TESTCAS
rem At this point we have assumed that the batch file is run from a UNC path
rem This requires that we SET the .NET permissions using CASPOL.EXE
rem Verify that CASPOL.EXE is on the system
SET CASPOL_EXE=%SystemRoot%\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
IF EXIST "%CASPOL_EXE%" GOTO :RUNCAS
ECHO.
ECHO !!! ERROR: MICROSOFT .NET v1.1.4322 PACKAGE NOT INSTALLED
GOTO :ERROR
:RUNCAS
rem Run CASPOL and see if the permissions are already SET for this UNC.
rem CASPOL has the nasty habit of creating permissions each time,
rem regardless if they are already present or not.
rem Change the "\" to "/" which is what caspol likes to see
ECHO Testing .NET security: "%MYROOTDIR%"
"%CASPOL_EXE%" -lg 2>NUL | findstr /I /C:"%MYROOTDIR:\=/%" >NUL
IF ERRORLEVEL 1 GOTO :NEEDCAS
GOTO :CASOK
:NEEDCAS
rem CASPOL is required for this UNC Path. Add it to the .NET configuration
ECHO Setting .NET security
"%CASPOL_EXE%" -q -machine -addgroup 1 -url "file:%MYROOTDIR%*" FullTrust -n "mmGrasp" >NUL
IF ERRORLEVEL 1 GOTO :CASERR
GOTO :RUNSU
:CASERR
ECHO.
ECHO !!! ERROR: Setting .NET for "%MYROOTDIR%"
GOTO :ERROR
:CASOK
ECHO .NET security OK
GOTO :RUNSU
:RUNSU
GOTO :END
:ERROR
rem Target of the GOTO :ERROR branches above; falls through to the end of the script
:END
So there it is: one of the ways that .Net security falls short and an easy way to beat it.
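For auditing machines where a script like the one above has been run, the following added example (not part of the original post) parses a caspol -lg listing and reports the Url code groups that grant FullTrust to a network location, grouping the duplicate entries the batch file's comments mention. The listing layout, the host names and the function names are assumptions, and the sample listing is constructed.

```python
import re
from urllib.parse import urlsplit

# Matches one Url code-group line of a `caspol -lg` listing. The layout is an
# assumption: "<label>.  Url - <url>: <permission set>".
URL_GROUP = re.compile(r"^\s*(\d+(?:\.\d+)*)\.\s+Url - (.+): ([^:]+?)\s*$")

def network_host(url):
    """Return the remote host a Url condition points at, or None for a local path."""
    url = url.replace("\\", "/")       # the batch file passes "\" and searches for "/"
    scheme, _, rest = url.partition(":")
    if scheme.lower() != "file":
        return urlsplit(url).hostname  # http, https, ftp: remote by nature
    host = rest.lstrip("/").split("/", 1)[0]
    if not host or re.fullmatch(r"[A-Za-z]:", host):
        return None                    # file:///C:/... or file://C:/... is a local drive
    return host.lower()

def remote_fulltrust_groups(listing):
    """Map each remote URL granted FullTrust to the code-group labels that grant it."""
    findings = {}
    for line in listing.splitlines():
        m = URL_GROUP.match(line)
        if not m:
            continue
        label, url, pset = m.groups()
        if pset.lower() == "fulltrust" and network_host(url):
            findings.setdefault(url.lower(), []).append(label)
    return findings

# Constructed sample listing with hypothetical hosts, not output from a real machine.
SAMPLE = """\
Level = Machine
Code Groups:
1.  All code: Nothing
   1.1.  Zone - MyComputer: FullTrust
   1.2.  Zone - Intranet: LocalIntranet
      1.2.1.  All code: Same directory FileIO - Read, PathDiscovery
   1.3.  Url - file://fileserver01/installs/*: FullTrust
   1.4.  Url - file://C:/tools/*: FullTrust
   1.5.  Url - file://FILESERVER01/installs/*: FullTrust
   1.6.  Url - file://fileserver02/docs/*: LocalIntranet
Success
"""

if __name__ == "__main__":
    for url, labels in remote_fulltrust_groups(SAMPLE).items():
        note = " (duplicate entries)" if len(labels) > 1 else ""
        print(f"FullTrust for {url}: code groups {', '.join(labels)}{note}")
```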