Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Secure File and Data Access in Windows Forms

Secure File and Data Access in Windows Forms

Visual Studio .NET 2003

The .NET Framework uses permissions to protect resources and data. Where your application can read or write data depends on the permissions granted to it. When your application runs in a semi-trusted, or less than full trust, environment, you might not have access to your data or you might have to change the way you access it

The following sections discuss working with file, database and registry access from applications running in a semi-trusted environment:

File Access

The FileIOPermission class controls file and folder access in the .NET Framework. By default, the security system does not grant the FileIOPermission to semi-trusted environments such as the Local Intranet and Internet zones. However, an application that requires file access can still function in these environments if you modify the design of your application or use different methods to access files. By default, the Local Intranet zone is granted the right to have same site access and same directory access, to connect back to the site of its origin, and to read from its installation directory. The Internet zone, by default, is only granted the right to connect back to the site of its origin.

User-Specified Files

One way to deal with the lack of file access permission is to prompt the user to provide specific file information, using the OpenFileDialog or SaveFileDialog class. This user interaction helps ensure that the application cannot maliciously load private files or overwrite important files. The OpenFileDialog.OpenFile and SaveFileDialog.OpenFile methods provide read and write file access by opening the file stream for the file that the user specified. It also protects the user's file by obscuring the file's path

The FileDialogPermission class specifies what type of file dialog your application can use. The following table shows the value you must have to use each file dialog class.

ClassRequired access value
OpenFileDialogFileDialogPermissionAccess.Open
SaveFileDialogFileDialogPermissionAccess.Save
Note   The specific permission is not requested until the OpenFile method is actually called.

Permission to display a file dialog does not grant your application full access to all members of the FileDialog, OpenFileDialog, and SaveFileDialog classes. For exact permissions required to call each method, refer to the reference topic for that method in the .NET Framework class library documentation.

The following example uses the OpenFileDialog.OpenFile method to open a user-specified file into a RichTextBox control. The example requires FileDialogPermission and the associated FileDialogPermissionAccess.Open enumeration value. The example demonstrates handling the SecurityException to determine if the save feature should be disabled. Note that the programming logic for the save feature is not shown in the example. This example assumes your Form has a Button control named ButtonOpen, and a RichTextBox control named RtfBoxMain.

' Visual Basic
Private Sub ButtonOpen_Click(ByVal sender As System.Object, _
    ByVal e As System.EventArgs) Handles ButtonOpen.Click 

    Dim editingFileName as String = ""
    Dim saveAllowed As Boolean = True

    ' Displays the OpenFileDialog.
    If (OpenFileDialog1.ShowDialog() = DialogResult.OK) Then
        Dim userStream as System.IO.Stream
        Try 
            ' Opens the file stream for the file selected by the user.
            userStream =OpenFileDialog1.OpenFile() 
            Me.RtfBoxMain.LoadFile(userStream, _
                RichTextBoxStreamType.PlainText)
        Finally
            userStream.Close()
        End Try

        ' Attempts to get the file name selected by the user.
        ' Failure means that the application does not have
        ' unrestricted permission to the file.
        Try 
            editingFileName = OpenFileDialog1.FileName
        Catch ex As Exception
            If TypeOf ex Is System.Security.SecurityException Then 
                ' The application does not have unrestricted permission 
                ' to the file so the save feature will be disabled.
                saveAllowed = False 
            Else 
                Throw ex
            End If
        End Try
    End If
End Sub

// C#
private void ButtonOpen_Click(object sender, System.EventArgs e) 
{
    String editingFileName = "";
    Boolean saveAllowed = true;

    // Displays the OpenFileDialog.
    if (openFileDialog1.ShowDialog() == DialogResult.OK) 
    {
        // Opens the file stream for the file selected by the user.
        using (System.IO.Stream userStream = openFileDialog1.OpenFile()) 
        {
            this.RtfBoxMain.LoadFile(userStream,
                RichTextBoxStreamType.PlainText);
            userStream.Close();
        }

        // Attempts to get the file name selected by the user.
        // Failure means that the application does not have
        // unrestricted permission to the file.
        try 
        {
            editingFileName = openFileDialog1.FileName;
        } 
        catch (Exception ex) 
        {
            if (ex is System.Security.SecurityException) 
            {
                // The application does not have unrestricted permission 
                // to the file so the save feature will be disabled.
                saveAllowed = false; 
            } 
            else 
            {
                throw ex;
            }
        }
    }
}
Visual C# Note   Be sure to add code to enable the event handler. Using the code from the following example, it would look like:
this.ButtonOpen.Click += new
System.Windows.Forms.EventHandler
(this.ButtonOpen_Click);

Other Files

Sometimes you will need to read or write to files that the user does not specify. An example is when you need to persist application settings. By default, in the Local Intranet and Internet zones, your application will not have permission to store data in a local file. However, it will be able to store data in isolated storage. Isolated storage is an abstract data compartment (not a specific storage location) consisting of one or more isolated storage files, called stores, that contain the actual directory locations where data is stored. File access permissions like FileIOPermission are not required; instead, the IsolatedStoragePermission class controls the permissions for isolated storage. By default, applications running in the Local Intranet and Internet zones can store data using isolated storage; however, settings like disk quota can vary. For more information about isolated storage, see Introduction to Isolated Storage.

The following example uses isolated storage to write data to a file located in a store. The example requires IsolatedStorageFilePermission and the IsolatedStorageContainment.DomainIsolationByUser enumeration value. The example demonstrates reading and writing certain property values of the Button control to a file in isolated storage. The Read function would be called after the application starts and the Write function would be called before the application ends. The example assumes that the Read and Write functions exist as members of a Form that contains a Button control named MainButton.

' Visual Basic
' Reads the button options from the isolated storage. Uses Default values 
' for the button if the options file does not exist.
Public Sub Read() 
    Dim isoStore As System.IO.IsolatedStorage.IsolatedStorageFile = _
        System.IO.IsolatedStorage.IsolatedStorageFile. _ 
        GetUserStoreForDomain()

    Dim filename As String = "options.txt"
    Try
        ' Checks to see if the options.txt file exists.
        If (isoStore.GetFileNames(filename).GetLength(0) <> 0) Then

            ' Opens the file since it exists.
            Dim isos As New System.IO.IsolatedStorage.IsolatedStorageFileStream _ 
                 (filename, IO.FileMode.Open,isoStore)
            Dim reader as System.IO.StreamReader
            Try 
                reader = new System.IO.StreamReader(isos)

                ' Reads the values stored.
                Dim converter As System.ComponentModel.TypeConverter
                converter = System.ComponentModel.TypeDescriptor.GetConverter _ 
                    (GetType(Color))

                Me.MainButton.BackColor = _ 
                        CType(converter.ConvertFromString _ 
                         (reader.ReadLine()), Color)
                me.MainButton.ForeColor = _
                        CType(converter.ConvertFromString _ 
                         (reader.ReadLine()), Color)

                converter = System.ComponentModel.TypeDescriptor.GetConverter _ 
                    (GetType(Font))
                me.MainButton.Font = _
                        CType(converter.ConvertFromString _ 
                         (reader.ReadLine()), Font)

            Catch ex As Exception
                Debug.WriteLine("Failed to read options " + _
                    ex.ToString())
            Finally
                reader.Close()
            End Try
        End If

    Catch ex As Exception
        Debug.WriteLine("Failed to read options " + ex.ToString())
    End Try
End Sub

' Writes the button options to the isolated storage.
Public Sub Write() 
    Dim isoStore As System.IO.IsolatedStorage.IsolatedStorageFile = _
        System.IO.IsolatedStorage.IsolatedStorageFile. _ 
        GetUserStoreForDomain()

    Dim filename As String = "options.txt"
    Try 
        ' Checks if the file exists and if it does attempts to delete it.
        If (isoStore.GetFileNames(filename).GetLength(0) <> 0) Then
            isoStore.DeleteFile(filename)
        End If
    Catch ex As Exception
        Debug.WriteLine("Failed to delete file " + ex.ToString())
    End Try

    ' Creates the options.txt file and writes the button options to it.
    Dim writer as System.IO.StreamWriter
    Try 
        Dim isos As New System.IO.IsolatedStorage.IsolatedStorageFileStream _ 
             (filename, IO.FileMode.CreateNew, isoStore)

        writer = New System.IO.StreamWriter(isos)
        Dim converter As System.ComponentModel.TypeConverter

        converter = System.ComponentModel.TypeDescriptor.GetConverter _ 
           (GetType(Color))
        writer.WriteLine(converter.ConvertToString( _
            Me.MainButton.BackColor))
        writer.WriteLine(converter.ConvertToString( _
            Me.MainButton.ForeColor))

        converter = System.ComponentModel.TypeDescriptor.GetConverter _ 
           (GetType(Font))
        writer.WriteLine(converter.ConvertToString( _
            Me.MainButton.Font))

    Catch ex as Exception
        Debug.WriteLine("Failed to write options " + ex.ToString())

    Finally
        writer.Close()
    End Try
End Sub

// C#
// Reads the button options from the isolated storage. Uses default values 
// for the button if the options file does not exist.
public void Read() 
{
    System.IO.IsolatedStorage.IsolatedStorageFile isoStore = 
        System.IO.IsolatedStorage.IsolatedStorageFile.
        GetUserStoreForDomain();

    string filename = "options.txt";
    try
    {
        // Checks to see if the options.txt file exists.
        if (isoStore.GetFileNames(filename).GetLength(0) != 0) 
        {
            // Opens the file since it exists.
            System.IO.IsolatedStorage.IsolatedStorageFileStream isos = 
                new System.IO.IsolatedStorage.IsolatedStorageFileStream
                    (filename, System.IO.FileMode.Open,isoStore);
            System.IO.StreamReader reader = null;
            try 
            {
                reader = new System.IO.StreamReader(isos);

                // Reads the values stored.
                TypeConverter converter ;
                converter = TypeDescriptor.GetConverter(typeof(Color));

                this.MainButton.BackColor = 
                 (Color)(converter.ConvertFromString(reader.ReadLine()));
                this.MainButton.ForeColor = 
                 (Color)(converter.ConvertFromString(reader.ReadLine()));

                converter = TypeDescriptor.GetConverter(typeof(Font));
                this.MainButton.Font = 
                  (Font)(converter.ConvertFromString(reader.ReadLine()));
            }
            catch (Exception ex)
            { 
                System.Diagnostics.Debug.WriteLine
                     ("Failed to read options " + ex.ToString());
            }
            finally
            {
                reader.Close();
            }
        }
    } 
    catch (Exception ex) 
    {
        System.Diagnostics.Debug.WriteLine
            ("Failed to read options " + ex.ToString());
    }
}

// Writes the button options to the isolated storage.
public void Write() 
{
    System.IO.IsolatedStorage.IsolatedStorageFile isoStore = 
        System.IO.IsolatedStorage.IsolatedStorageFile.
        GetUserStoreForDomain();

    string filename = "options.txt";
    try 
    {
        // Checks if the file exists and, if it does, attempts to delete it.
        if (isoStore.GetFileNames(filename).GetLength(0) != 0) 
        {
            isoStore.DeleteFile(filename);
        }
    }
    catch (Exception ex) 
    {
        System.Diagnostics.Debug.WriteLine
            ("Failed to delete file " + ex.ToString());
    }

    // Creates the options file and writes the button options to it.
    System.IO.StreamWriter writer = null;
    try 
    {
        System.IO.IsolatedStorage.IsolatedStorageFileStream isos = new 
            System.IO.IsolatedStorage.IsolatedStorageFileStream(filename, 
            System.IO.FileMode.CreateNew,isoStore);

        writer = new System.IO.StreamWriter(isos);
        TypeConverter converter ;

        converter = TypeDescriptor.GetConverter(typeof(Color));
        writer.WriteLine(converter.ConvertToString(
            this.MainButton.BackColor));
        writer.WriteLine(converter.ConvertToString(
            this.MainButton.ForeColor));

        converter = TypeDescriptor.GetConverter(typeof(Font));
        writer.WriteLine(converter.ConvertToString(
            this.MainButton.Font));

    }
    catch (Exception ex)
    { 
        System.Diagnostics.Debug.WriteLine
           ("Failed to write options " + ex.ToString());
    }
    finally
    {
        writer.Close();
    }
}

Database Access

The permissions needed to access a database vary based on the database provider; however, by default, only applications running locally can access a database via a data connection. For more information about the permissions required to access a database, see Code Access Security and ADO.NET.

If you cannot directly access a database due to security settings, you can use an XML Web service as an alternative means to access your data. An XML Web service is a piece of software that is programmatically accessible over a network through XML. XML Web services allow applications to share data across code group zones. By default, applications in the Local Intranet and Internet zones are granted the right to access their sites of origin, which enables them to call an XML Web service. For information about building an XML Web service, see Building XML Web Services Using ASP.NET. For more information about using an XML Web service, see Building XML Web Service Clients.

Registry Access

The RegistryPermission class controls access to the operating system registry. By default, only applications running locally can access the registry. Note that RegistryPermission only grants an application the right to attempt registry access; it does not guarantee access will succeed, because the operating system still enforces security on the registry.

Because you cannot access the registry by default from the Local Intranet or Internet zones, you will need to find other methods of storing your data. When storing application settings, use isolated storage rather than the registry. Isolated storage can also be used to store other application-specific files. You can also store global application information about the server or site of origin, since by default an application is granted the right to access the site of its origin.

See Also

Secure Printing in Windows Forms | Additional Security Considerations in Windows Forms | Introduction to Security In Windows Forms | Windows Forms Security

Show:
© 2015 Microsoft