Socket permissions

Anybody got experience with socket permissioning in VB.Net?

I've got the TCP/IP connection part working in theory, as I can send and return data when running the server and client on the same machine. However, I'm now trying to send data to a remote server and finding that the connection attempt is getting blocked with a Security Permissions error. I've tried demanding various levels of permission through the code but it's not having any of it.

The guys who run the system security have no idea how one might go about adding an application to some sort of .Net "trusted zone", and it appears that all the permissions in the .Net editor (the ConfigWizards app in the Windows\.Net\1.1 folder) are up to the maximum grantable. There is a sub-application in there to Trust a particular assembly, but

a) Even if this worked, it's not a good install procedure to have to go round users' PCs doing this manually

and b) Can it be done through code? I suspect not.


So, the questions are:

1) Is there a way round this in code? (I imagine not, otherwise it'd be pointless security..)

2) Should my system security guys know how to arrange matters so that this assembly can be automatically trusted by the networked PCs?

3) How is the above accomplished?



Any thoughts?



zaza

By logging in with full admin rights, I can use the ConfigWizards app to set a level of trust on the assembly such that the .Net framework does accept it. So this gets round the problem of how to get the thing working.

But does anybody know how one can arrange the trust without having to log in as admin on each specific PC? That seems like a mightily large barrier to a smooth roll-out...


zaza

By default any .net application on a network server is not given full trust. You will need to do so either with an installer or a cmd file. To do this you need to Use Caspol.exe that is included with the framework. Do a search on the forums, I have posted a few examples of using Caspol to give your app full trust. However, you will still need to be an administrator during the installation in order to do this.

Edit: Here is the link to one of my posts about Caspol
http://vbforums.com/showpost.php?p=2926544&postcount=3

That's all very well and good, but it seems absurd to have to get an application rolled out by logging on to each PC as an administrator. From a practicality perspective, there's little difference between logging on as administrator and running a script or just setting the trust myself. It's not to be run on a server, it's to be run on a few hundred individual PCs, so I can't believe that this is the best that the .Net framework can come up with.