RE: [nant-dev] NUnit security

[Lorphelin Yves]

Title: [nant-dev] NUnit security

Hi Martin,   If you have no special need for your service to run under a privileged account, let it then run with a less privileged account.     Otherwise you can use the built-in .Net  runtime security features: Let your nant script copy everithing you need to a special folder (incl Nunit assemblies). & configure the .Net runtime on the build server so that everithing that is runned from this folder is granted less privileges. If your running W*S go to the administrative tools, .net Framework Configuration Runtime Security policy>Machine> code groups > all Code > My_computer_zone & make a new code group who's condition types is url and use " file://some directory/*.*" & the choose the permission set you want to use. (this can be done via the cmd line caspol)     Hope this helps. Yves   -----Oorspronkelijk bericht----- Van: Martin Aliger [mailto:[EMAIL PROTECTED] Verzonden: wo 9/10/2003 4:43 PM Aan: ! nant CC: Onderwerp: [nant-dev] NUnit security Hi all, I found serious security problem. My build server, which use NAnt internally, runs as windows service (as all build servers I know runs). This service runs as priviliged user. Nothing wrong with that unless you run test-cases with NUnit. It runs user code, which could contain maligious tests... It is not big problem for us, since I trust my coleagues, but it could be problem in some scenarios. What about limit somehow permitions in NUnitTask? Or is something done in NUnit itself? Regards, Martin ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ nant-developers mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/nant-developers