So what is the actual app and what does it do? Thanks, Brian Desmond br...@briandesmond.com
w - 312.625.1438 | c - 312.731.3132 -----Original Message----- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, October 19, 2010 2:08 PM To: NT System Admin Issues Subject: Re: CASPOL docs for sysadmins? On Tue, Oct 19, 2010 at 4:50 PM, Damien Solodow <damien.solo...@harrison.edu> wrote: > Looks like it is something that says "allow this .Net assembly to run > from this site". As the estimable Mr. Desmond points out, I don't think it's that simple. By reading the MSFT docs, I've been able to discern that <-q> suppresses an "Are you sure?" prompt. <-m> modifies the local machine policy (as opposed to?). <-ag 1.> "adds a new code group to the code group hierarchy", with <1.> as the parent group ID. But it's not at all clear to me what a code group is used for, and what the significance of <1.> is. < -name FMAuditWebAudit> associates a name with the group being added. <FullTrust> means normally-present restrictions are being removed. So then I of course wonder, is there a way I can be more granular or restrictive? Do I have to give away the keys to kingdom? <-site "meters.example.com"> specifies the site the code is coming from, but it isn't clear to me if that's in addition to the code group specification (logical AND, making things more restricted), or something else. But I definitely don't have the big picture, and that scares me. Look at the security nightmare ActiveX turned out to be. I don't want to go down that road all over again. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
