[ Team LiB ] Previous Section Next Section

9.2 Inspecting Declarative Security Statements

The Permissions View tool (Permview.exe) allows you to view the declarative security statements used in an assembly. This is particularly useful when configuring security policy, as it allows you to view the permission requests contained in the assembly. Permview.exe is located in the \bin subdirectory of the .NET Framework SDK installation directory. Note that the \bin directory is not added to the Path environment variable by the SDK-installation process.

Permview.exe only shows declarative security statements and cannot extract the imperative security demands. It overrides from the body of an assembly.

To demonstrate Permview.exe, use the MessageUtil class shown here, which allows any caller to display a message box containing the value of the Message environment variable. MessageUtil uses three RequestMinumum permission requests to ensure that it has permission to read the Message environment variable, called Assert, and display safe top-level windows (such as message boxes). The DisplayMessage method uses declarative syntax to Assert UIPermission and EnvironmentPermission. This allows any client code to use DisplayMessage regardless of the caller's permissions:

# C#

using System;
using System.Windows.Forms;
using System.Security.Permissions;

// Request read access to the Message environment variable.
[assembly:EnvironmentPermission(SecurityAction.RequestMinimum, 
    Read = "Message")]

// Request permission to Assert.
[assembly:SecurityPermission(SecurityAction.RequestMinimum, 
    Assertion = true)]

// Request permission to display safe top level windows.
[assembly:UIPermission(SecurityAction.RequestMinimum, 
    Window = UIPermissionWindow.SafeTopLevelWindows)]

public class MessageUtil {
   
    // Assert the permission to read the Message environment variable and
    // to display top level windows.
    [EnvironmentPermission(SecurityAction.Assert, Read = "Message")]
    [UIPermission(SecurityAction.Assert, 
        Window = UIPermissionWindow.SafeTopLevelWindows)]
    public static void DisplayMessage(  ) {

        // Display the value of the Message environment variable
        // in a message box.
        MessageBox.Show(Environment.GetEnvironmentVariable("Message"));        
    }    
}

# Visual Basic .NET

Imports System
Imports System.Windows.Forms
Imports System.Security.Permissions
 
' Request read access to the Message environment variable.
<assembly:EnvironmentPermission(SecurityAction.RequestMinimum, _ 
    Read := "Message")> _
 
' Request permission to Assert.
<assembly:SecurityPermission(SecurityAction.RequestMinimum, _
    Assertion := True)> _
 
' Request permission to display safe top level windows.
<assembly:UIPermission(SecurityAction.RequestMinimum, _
    Window := UIPermissionWindow.SafeTopLevelWindows)> _
 
Public Class MessageUtil
 
    ' Assert the permission to read the Message environment variable and
    ' to display top level windows.
    <EnvironmentPermission(SecurityAction.Assert, Read := "Message"), _
    UIPermission(SecurityAction.Assert, _
    Window := UIPermissionWindow.SafeTopLevelWindows)> _
    Public Shared  Sub DisplayMessage(  )
        ' Display the value of the Message environment variable
        ' in a message box.
        MessageBox.Show(Environment.GetEnvironmentVariable("Message"))
    End Sub
End Class

If you build MessageUtil into a library named MessageUtil.dll and then run the command permview MessageUtil.dll, you will see the following XML descriptions of the permission request statements:

Microsoft (R) .NET Framework Permission Request Viewer.  Version 1.0.3705.0
Copyright (C) Microsoft Corporation 1998-2001. All rights reserved.

minimal permission set:
<PermissionSet class="System.Security.PermissionSet"
               version="1">
   <IPermission class="System.Security.Permissions.EnvironmentPermission, mscorl
ib, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                version="1"
                Read="Message"/>
   <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib,
 Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                version="1"
                Flags="Assertion"/>
   <IPermission class="System.Security.Permissions.UIPermission, mscorlib, Versi
on=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                version="1"
                Window="SafeTopLevelWindows"/>
</PermissionSet>

optional permission set:
  Not specified

refused permission set:
  Not specified

This is not the easiest format to read, but it contains all the information you need to configure your security policy correctly. Unfortunately, the output is not pure XML, and therefore creating a utility to parse the output and create a more readable report is not as straightforward as it could be.

Using the command permview /decl MessageUtil.dll extracts and displays all declarative security demands and stack walk overrides in addition to the permission requests. You will see the following information in addition to the permission request information we have already shown. Be aware that for large libraries the output from Permview may be significant:

Method MessageUtil::DisplayMessage(  ) Assert permission set:
<PermissionSet class="System.Security.PermissionSet"
               version="1">
   <IPermission class="System.Security.Permissions.EnvironmentPermission, mscorl
ib, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                version="1"
                Read="Message"/>
   <IPermission class="System.Security.Permissions.UIPermission, mscorlib, Versi
on=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
                version="1"
                Window="SafeTopLevelWindows"/>
</PermissionSet>
    [ Team LiB ] Previous Section Next Section