[Mono-list] ClickOnce?
Kornél Pál
kornelpal at hotmail.com
Wed Jun 8 11:32:08 EDT 2005
> From: Martin Hinks
> Neither of these technologies depend on CAS, but, if I understand
> correctly they were created in the first place for reasons to do with
> CAS - in fact, to get round security limitations that CAS imposes.
I am trying to explaing that they are not to save you. CAS is to save you.
"No Touch" is the ability of the runtime to execute somthing just by giving
an URL. It simply eliminates the need to download all the files manually and
makes administrators able to maintain a central instance of the application
on a single URL. Treats that URL as a base to find configuration, dependent
assemblies, ... And of course CAS has code origin security as well based on
that URL. So it can make "No Touch" more safe but "No Touch" is not based on
CAS.
"No Touch" is a feature of .NET Framework since version 1.0.
> Surely there is not much merit in having this technology until CAS
> support is fully mature as it is designed to be a helper to run the
> app with full trust?
"Click Once" is designed to deploy the application much like an installer.
It is not designed to elevate security. It has the ability install the
application with full trust if needed (with your confirmation) but it is
only a minor feature not "Click Once" itself.
For a short explanation along with a picture see:
http://msdn.microsoft.com/smartclient/understanding/windowsforms/2.0/features/clickonce.aspx
Note that the publishing wizard is in Visual Studio and the installer is on
the web server.
Kornél
More information about the Mono-list
mailing list