Trusted Code

To get .Net ISL running on a Windows computer where the filesystem where the bytecode lives is not local you need to make that filesystem trusted.

Why? Well, in .Net the local computer is considered safe and tamper free (even if it is running Windows :-) but remote filesystems, like ones residing on a Linux box mounted over NFS or via Samba, aren't. Neither are remote Windows shares btw.

So how do you get these remote filesystems trusted?

You need to create the Dilbert Zone.

Bring up the .Net Framework 1.1 Configuration tool (see Program Files\Settings\Control Panel\Administrative Tools\Microsoft .Net Framework 1.1 Configuration) and navigate to Runtime Security Policy\Machine\Code Groups\All_Code\LocalIntranet_Zone and select "Add a Child Code Group". Name that "The Dilbert Zone" (why? because then it's easy to find again :-) You need to specify that the membership condition type is "Zone" and the zone is "Local Intranet", and that the Permission Set is "FullTrust".

If you do all this, ISL that's sitting on a disk remote from your workstation will be sufficiently trusted to execute on a Windows box. Yay.

tech/code/C-Sharp | 17 Aug 2004 | #