- ClickOnce Security Overview
- Internet Explorer Security Settings Affecting ClickOnce
- Configuring ClickOnce Security Permissions
- Understanding and Managing Publisher Certificates
- Signing Application Updates
- User Prompting
- Trusted Applications' User Security Policies
- Trusted Publishers' Permission Elevation
- Adding Restricted Code Sections
- Securing the Application Based on User Roles
- Securing Access to ClickOnce Application Files on the Server
- Where Are We?
Trusted Applications' User Security Policies
When an application gets installed or run, a user security policy is created to record the set of permissions that have been granted to that application. This policy can be viewed using the Microsoft .NET Framework 2.0 Configuration tool. If you open this tool (from the Administrative Tools menu) and expand the Runtime Security Policy node down to the user level, you will see a child node under User for Trusted Applications. If you select this and click the link in the right pane labeled View List of trusted applications, you will see something like Figure 6.28.
Figure 6.28 Trusted Applications' Security Policies
Depending on how many different ClickOnce applications and how many different versions of those applications have been deployed to your machine, you may see many more entries in the list on the right. You will get one entry in the list for each application version for which a different set of permissions were issued. This always includes the first install or run of a ClickOnce application, and then additional entries will be made for subsequent versions of an application only if they elevate permissions beyond what the previous version required.
You can inspect the permissions set for a given application version by double-clicking on the entry in the list. This displays the Properties dialog shown in Figure 6.29, where you can inspect and browse through the assigned permissions.
Figure 6.29 Trusted Application Permissions