Click here to Skip to main content
Click here to Skip to main content

Permissions View Tool (Permview.exe .Net FrameWork Tools Series)

, 17 Jan 2006
Rate this:
Please Sign up or sign in to vote.
Permview.exe

Permissions View Tool (Permview.exe .Net FrameWork Tools Series)

Permissions View Tool is shipped with .Net FrameWork. This tool is used to view the Declarative and Requested permissions set on an assembly.

So let us create an assembly set some requested and declarative permissions on it and view them with Permview.

Let us start by creating an assembly and setting some Requested permissions on it.

1) Open a new WindowsApplication.
2) Add a button to the form named Button1.
3) Add a Class to this Application Named MyClass.
4) Add a method to this class named Add which adds to numbers and returns the result.
5) In the Button Click event of Button1 call the Add method of the MyClass as shown below.

MyClass myClass = new MyClass();
MessageBox.Show(myClass.Add(1,2).ToString());


6) Run the application. click on the Button and you will get the result as "3".Now we will add requested permission to this assembly.
7) Go to AssemblyInfo.cs and add the below lines

[assembly: FileIOPermission(SecurityAction.RequestMinimum,Write="c:\\")]
[assembly: UIPermission(SecurityAction.RequestRefuse, Window = UIPermissionWindow.AllWindows)]

By setting these permissions we say that to execute this application minimum write permission on C: is required. Along with that we have also requested an another UI permission which refuses to show any windows on the screen hence no forms or message boxes will be displayed.

8) Run the application. The form will not be loaded instead you will see the below error message:

Additional information: Request for the permission of type System.Security.Permissions.UIPermission, mscorlib, Version=1.0.3300.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.

9) We can vew the permissions set on an assembly with permview.exe.
10) Go to VS.Net command prompt and go to the folder which contains your application exe.
11) Type the following command :permview WindowsApplication2.exe <or your application name>
12) You will see all the permissions set on the assembly as below:

minimal permission set:
<PermissionSet class="System.Security.PermissionSet" version="1">
  <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=1.0.3300.0, Culture=neutral, 
 PublicKeyToken=b77a5c561934e089" version="1" Write="c:\"/>
</PermissionSet>
optional permission set:
Not specified
refused permission set:
<PermissionSet class="System.Security.PermissionSet" version="1">
  <IPermission class="System.Security.Permissions.UIPermission, mscorlib, Version=1.0.3300.0, Culture=neutral,
  PublicKeyToken=b77a5c561934e089" version="1"Window="AllWindows"/>
</PermissionSet>

13) Since we have set RequestRefuse permission for UIPermission we were unable to see the form so let us change that to RequestOptional as follows :[assembly: UIPermission(SecurityAction.RequestOptional, Window = UIPermissionWindow.AllWindows)]These permissions on the assesmbly that we saw were erquested permissions on the assembly. Permview is also used to view declarative security on classes or methods.

14) Let us add Declarative security to our MyClass as follows:

[PrincipalPermission (SecurityAction.Demand, Role="Administrator")] // add this above the class declaration

15) According to the above permission only those users who belong to the "Administrator" role will be able to instantiate this class or call any method on this class.
16) Let us view the declarative security of this class.
17) Go to the VS.NET command prompt and type the following command : permview /decl WindowsApplication2.exe.

Note : - "/decl" shows the declarative permissions set on the classs and methods of the assembly.

18) You will see the class declarative permissions (as shown below) along with the requested assembly permissions.

Class WindowsApplication2.Class1 NonCasDemand permission set:

<PermissionSet class="System.Security.PermissionSet" version="1">
   <Permission class="System.Security.Permissions.PrincipalPermission, mscorlib,
             Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
             version="1">
      <Identity Authenticated="true" ID="mycomputer\Administrator"/>
   </Permission>
</PermissionSet>

19) You will be able to execute the method call if the current user is an Administrator on the machine. In this way we can use Permview.exe to view the declarative and requested permissions set on any assembly. There are 3 types of requested permissions which can be granted on assembly :

Minimum permissions: (RequestMinimum) Permissions your code must have in order to run.

Optional permissions: (RequestOptional) Permissions your code can use, but can run effectively without.

Refused permissions: (RequestRefuse) Permissions that you want to ensure will never be granted to your code, even if security policy allows them to be granted.

 

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

About the Author

Namratha Shah
Architect
United States United States
Namratha Shah a.k.a. Nasha is from orginally from Bombay, India but currently residing NJ, USA. She has to her credit, a Bachelor’s Degree in Microbiology and Biotechnology and a Master's in Computer and Software Applications (1999-2001) from Somaiya College Bombay. She started her career with C and C++ and then moved on to Microsoft Technologies. She has over 7.5 years experience in software architecture, design and development. She is a Certified Scrum Master and a member of the CORE .NET Architecture team. She has been Awarded with Microsoft’s Prestigious Most Valuable Professional (MVP) twice consecutively in years 2005 and 2006 in Visual C#.NET for her outstanding contributions to the .NET community.

Comments and Discussions

 
NewsErrors [modified] Pinmembertimexist29-May-06 19:48 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web04 | 2.8.140709.1 | Last Updated 17 Jan 2006
Article Copyright 2006 by Namratha Shah
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid