当前位置: 文江博客话题详情

是否存在命令行工具 CASPOL.exe 的替代品?

发布于 2024-09-04 17:48:01 字数 230 浏览 12 评论 0原文

当尝试执行 .NET-App 时,它会抛出“PolicyException”,因为“只允许一组”。 该工具应列出现有设置,并允许删除选定的设置。 使用 caspol 来列出没有帮助,它很残酷。

我看到有一个简单的 gui 前端,它允许定义新设置,但不允许列出或删除现有设置。

Caspol 是一场噩梦,难怪有人选择使用它。对于.NET 1.1,微软提供了一个配置实用程序,但对于.NET 2.0,我什么也没找到。

原文

When trying to execute a .NET-App, it throws a "PolicyException", because "only one group is allowed".
The tool should list existing settings, and allow to delete selected settings.
Using caspol to list is not helpful, it is cruel.

I've seen there is a simple gui-frontend, which allows to define NEW settings, but it does not allow to list or delete existing settings.

Caspol is a nightmare, no wonder anyone uses it by choice. With .NET 1.1 Microsoft delivered a configuration-utility, but for .NET 2.0 i've found nothing.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

零崎曲识 2024-09-11 17:48:01

2.0 也有一个配置小程序,我想它是随 2.0 SDK 一起提供的。如果您安装了它,它应该位于管理工具中,并被称为“Microsoft .NET Framework 2.0 配置”。

There's a Configuration Applet for 2.0 as well, think it comes with the 2.0 SDK. If you got it installed it should be in the Admin Tools and be called "Microsoft .NET Framework 2.0 Configuration".

回复 原文
So尛奶瓶 2024-09-11 17:48:01

您可以使用这段代码创建您自己的工具(gui 或命令行):

static void SetPermission( string target ) {
    try {
        // Find the machine policy level
        PolicyLevel machinePolicyLevel = null;
        System.Collections.IEnumerator policyHierarchy = SecurityManager.PolicyHierarchy();

        while ( policyHierarchy.MoveNext() ) {
            PolicyLevel level = (PolicyLevel)policyHierarchy.Current;
            if ( level.Label == "Machine" ) {
                machinePolicyLevel = level;
                break;
            }
        }


        if ( machinePolicyLevel == null ) {
            throw new ApplicationException(
                "Could not find Machine Policy level. Code Access Security " +
                "is not configured for this application."
                );
        }

        // Create a new FullTrust permission set
        PermissionSet permissionSet = new NamedPermissionSet( "FullTrust" );

        IMembershipCondition membershipCondition = new UrlMembershipCondition( target );

        // Create the code group
        PolicyStatement policyStatement = new PolicyStatement( permissionSet );
        CodeGroup codeGroup = new UnionCodeGroup( membershipCondition, policyStatement );
        codeGroup.Description = "Custom code group created by PermSet utility.";
        codeGroup.Name = "CustomCodeGroup-" + Guid.NewGuid().ToString();

        // Add the code group
        machinePolicyLevel.RootCodeGroup.AddChild( codeGroup );

        // Save changes
        SecurityManager.SavePolicy();
    }
    catch ( Exception ex ) {
        Console.WriteLine();
        Console.WriteLine( ex.ToString() );
        throw;
    }
}

You can do your own tool (gui or command-line) with this piece of code:

static void SetPermission( string target ) {
    try {
        // Find the machine policy level
        PolicyLevel machinePolicyLevel = null;
        System.Collections.IEnumerator policyHierarchy = SecurityManager.PolicyHierarchy();

        while ( policyHierarchy.MoveNext() ) {
            PolicyLevel level = (PolicyLevel)policyHierarchy.Current;
            if ( level.Label == "Machine" ) {
                machinePolicyLevel = level;
                break;
            }
        }


        if ( machinePolicyLevel == null ) {
            throw new ApplicationException(
                "Could not find Machine Policy level. Code Access Security " +
                "is not configured for this application."
                );
        }

        // Create a new FullTrust permission set
        PermissionSet permissionSet = new NamedPermissionSet( "FullTrust" );

        IMembershipCondition membershipCondition = new UrlMembershipCondition( target );

        // Create the code group
        PolicyStatement policyStatement = new PolicyStatement( permissionSet );
        CodeGroup codeGroup = new UnionCodeGroup( membershipCondition, policyStatement );
        codeGroup.Description = "Custom code group created by PermSet utility.";
        codeGroup.Name = "CustomCodeGroup-" + Guid.NewGuid().ToString();

        // Add the code group
        machinePolicyLevel.RootCodeGroup.AddChild( codeGroup );

        // Save changes
        SecurityManager.SavePolicy();
    }
    catch ( Exception ex ) {
        Console.WriteLine();
        Console.WriteLine( ex.ToString() );
        throw;
    }
}
回复 原文
梦明 2024-09-11 17:48:01

该实用程序是 .Net 2.0 中的 SDK。确保已安装。

另外,您可能有兴趣了解 .Net 3.5 sp1 和更高版本消除了 CAS 的一些痛点。

The utility is part of the SDK in .Net 2.0. Make sure that's installed.

Also, you might be interested to know that .Net 3.5 sp1 and later removed some of the pain points with CAS.

回复 原文
十秒萌定你 2024-09-11 17:48:01

MsCorCfg 似乎尚未在 Visual Studio 的后续版本中提供。我有2010,但一直无法找到这个文件。

MsCorCfg doesn't seem to have been made available with later releases of visual studio. I have 2010, but have not been able to locate this file.

回复 原文
~没有更多了~

关于作者

悟红尘

暂无简介

文章
评论
769 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

Promise

文章 0 评论 0

qq_lbRlsh

文章 0 评论 0

待"谢繁草

文章 0 评论 0

yy2010hell

文章 0 评论 0

漫无边际

文章 0 评论 0

傲娇萝莉攻

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文