Hosting provider security issues

Discussion of open issues, suggestions and bugs regarding ADO.NET provider for MySQL
farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

Hosting provider security issues

Post by farshore » Tue 07 Nov 2006 15:06

Hi we are trying with our hosting provider to install the corelabs component on a server, but they require some further information regarding security permissions, does anyone know if it is possible to run the component outside the global assembly cache and how to get any security information regarding corelab components
Thanks

Alexey
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Post by Alexey » Tue 07 Nov 2006 15:17

What security information do you need? Please describe in detail.

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

security information

Post by farshore » Tue 07 Nov 2006 15:47

That's exactly what I need, detailed security information about installing/running the corelabs component.
Can you help?

Alexey
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Post by Alexey » Tue 07 Nov 2006 15:53

Do you need information about trust levels or not?

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

security information

Post by farshore » Tue 07 Nov 2006 16:37

Hi basically the hosting party have told us that they cannot run the component from the global cache folder because that effects their security.
Is there a way to register the component that will allow their security level to stay intact and is there anyone I can contact directly about this issue.
Many thanks

Alexey
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Post by Alexey » Wed 08 Nov 2006 06:55

Which security level do they use?

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

security issues

Post by farshore » Wed 08 Nov 2006 10:23

Alexey wrote:Which security level do they use?
Which file should I get the hosting party to send to verify their security settings?

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

Post by farshore » Wed 08 Nov 2006 10:57

Alexey wrote:Which security level do they use?









Last edited by farshore on Wed 08 Nov 2006 15:54, edited 1 time in total.

Alexey
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Post by Alexey » Wed 08 Nov 2006 11:07

There is a section in the web.config file:

Code: Select all

            
                
                
                
                
                
            
            
Tell me the trust level ("Full" is this snippet).

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

Post by farshore » Wed 08 Nov 2006 11:19

In their web.config the trust level is set by the config file I posted:

(...)





farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

security issues

Post by farshore » Wed 08 Nov 2006 13:35

Hi are these permissions the same for the mysql component
Thanks

Alexey
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Post by Alexey » Thu 09 Nov 2006 07:10

For MySQLDirect .NET you need SocketPermission in Direct mode (in addition to Medium Trust Level). Others are ok in Medium.

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

Security issues

Post by farshore » Thu 09 Nov 2006 09:40

I'll see if we can set up a test later today
the component we are trying to use is MySQLDirect for .NET 3.5.10
The hosting party say they have an issue with any component being placed in the global assembly cache.
but they are willing to modify their config to allow the component
What trusts are required for none direct mode
Thanks

Alexey
Posts: 2756
Joined: Mon 13 Mar 2006 07:43

Post by Alexey » Thu 09 Nov 2006 11:13

For non-direct mode medium trust level should be enough.

farshore
Posts: 19
Joined: Tue 07 Nov 2006 12:19

Post by farshore » Thu 09 Nov 2006 11:31

Hi can you also give a log file from the installer for this component please
Thanks

Post Reply