For our customers, this is not an option because our application must use elevated privileges and run in a browser other than the browser (and only It can only run after changing the registry key). The application will be hosted on our Internet website.
Is it possible to enable elevated trust for the browser without adding the registry key? (For example, add some configuration on the server, but not on the client? Is it possible to ask the user for elevated permissions, such as in Silverlight 4 for webcam capture?
http: //www.mistergoodcat.com/post/Silverlight-5-Tidbits-Trusted-applications
Also, if anyone can elaborate on the security issues of changing registry settings. According to my understanding, because We only made changes for the Silverlight application. Therefore, any other malicious applications cannot run because it may not have a trusted certificate installed (the certificate can only be imported by the administrator)
I used [link]( http://msdn.microsoft.com/en-us/library/dd833073(v=vs.95).aspx) created an OOB application. In addition, I created a ClientAccessPolicy file with the following content:
< br />
Then I publish my application to the server, it works as an OOB application, no need to modify the registration Table settings.
In order to enable elevated trust for Silverlight 5 applications when running in the browser, I tried many good options, such as: here (by Mister Goodcat), our VeriSign certificate can only be used when I add the registry key AllowElevatedTrustAppsInBrowser.
For our customers, this is not an option because our applications must use elevated permissions and outside the browser The browser runs (and can only run after changing the registry key). The application will be hosted on our Internet website.
Is it possible to do without adding a registry key? Enable elevated trust for the browser (for example, add some configuration on the server, but not on the client? Is it possible to ask users for elevated permissions, such as in Silverlight 4 for webcam capture?
I have encountered similar problems in the past. After configuring the application by changing the registry settings, it works normally. However, if we make such settings, Customers will question security violations. Then I created an OOB application and used the ClientAccessPolicy.xaml file to increase trust. After that, I didn’t need any registry changes or import certificates, as described in the link:
http ://www.mistergoodcat.com/post/Silverlight-5-Tidbits-Trusted-applications
In addition, if anyone can elaborate on the security issues of changing the registry settings. According to my understanding, Because we only made changes for the Silverlight application. Therefore, any other malicious applications cannot run because it may not have a trusted certificate installed (the certificate can only be imported by the administrator)
I use [link] (http://msdn.microsoft.com/en-us/library/dd833073(v=vs.95).aspx) created an OOB application. In addition, I created a ClientAccessPolicy file with the following content:< /p>
< /cross-domain-access>
Then I set my application The program is published to the server, it works as an OOB application, no need to modify the registry settings.