APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4 - applications

Information

In the .NET Framework version 3.5 and earlier versions, if an application assembly loaded code/objects from a remote location, that assembly would run partially trusted with a permissions grant set that depended on the zone in which it was loaded. For example, if an assembly was loaded from a web site, it was loaded into the Internet zone and granted the Internet permission set. In other words, it was executed in an Internet sandbox.

If the same program is run in the .NET Framework version 4, an exception is thrown which effectively states; either explicitly create a sandbox for the assembly or run it in full trust.

The <loadFromRemoteSources> element specifies the assemblies that run partially trusted in earlier versions of the .NET Framework will be run fully trusted in the .NET Framework 4.

If loadFromRemoteSources is set to true, the remotely loaded application code is granted full trust. This could create an integrity vulnerability on the system. The required method to address this is to explicitly create a sandboxed environment for the remotely loaded code to run in rather than allowing remotely loaded code to run with full trust.

The appropriate level of trust must be established prior to enabling the loading of remote code in .Net 4 applications and that code must be run in a controlled environment. The following is an example of the use of loadFromRemoteSources.

<configuration>
<runtime>
<loadFromRemoteSources enabled='true' 'https://my.dodorg.gov' />
<loadFromRemoteSources enabled='true' 'https://192.168.0.*' />
<loadFromRemoteSources enabled='false' '*' />
</runtime>
</configuration>

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

.Net application code loaded from a remote source must be run in a controlled environment.

A controlled environment consists of a sandbox, such as running in an Internet Explorer host environment or employing OS based software access controls, such as AppLocker or Software Security Policies, when application design permits.

Obtain documented IAO approvals for all remotely loaded code.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_DotNet_Framework_4-0_V2R1_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-39, CAT|II, CCI|CCI-002530, Rule-ID|SV-225233r615940_rule, STIG-ID|APPNET0065, STIG-Legacy|SV-41010, STIG-Legacy|V-30968, Vuln-ID|V-225233

Plugin: Windows

Control ID: 339559b89e2122cf27c5b7109802f436a8feca2283b4faf1e321d8c4b93b6069