Get current/active security zone of a .NET applica

2019-02-17 07:30发布

问题:

I have an application that behaves oddly, and just to verify, I'd like to see which security zone it is currently running under.

I've found the System.Security.SecurityZone enum, but can't seem to find anything that will return which of these I'm running under.

Does anyone have any tips?

Basically I want to find out if my application is running in MyComputer, Intranet, Internet, Untrusted, Trusted, etc.


Edit: Here's the minor test-app I wrote to find this code, thanks to @blowdart.

using System;
using System.Reflection;

namespace zone_check
{
    class Program
    {
        static void Main(string[] args)
        {
            Console.WriteLine(".NET version: " + Environment.Version);
            foreach (Object ev in Assembly.GetExecutingAssembly().Evidence)
            {
                if (ev is System.Security.Policy.Zone)
                {
                    System.Security.Policy.Zone zone = (System.Security.Policy.Zone)ev;
                    Console.WriteLine("Security zone: " + zone.SecurityZone);
                    break;
                }
            }
        }
    }
}

回答1:

You need to look at the CAS evidence for the current assembly;

this.GetType().Assembly.Evidence

Assembly.Evidence is a property Evidence object. From this you can enumerate the evidence and look for the zone which appears as a <System.Security.Policy.Zone> element.



回答2:

In .NET 3.5 you can simplify the code with LINQ:

Zone z = a.Evidence.OfType<Zone>().First();

From .NET 4.0 you have a convenient GetHostEvidence method:

Zone z = Assembly.GetExecutingAssembly().Evidence.GetHostEvidence<Zone>();

Note that from .NET 4.0 evidence classes derive from the EvidenceBase base class.

HTH, György



回答3:

You can also use

Evidence e = Thread.CurrentThread.GetType().Assembly.Evidence;

instead of

this.GetType().Assembly.Evidence