This is day #3 of my journey through the .NET 4.0 assemblies. I’m planning to split up large assemblies over several days so that I give bigger assemblies proper treatment. Today, that won’t be happening! By the way, this is actually turning out to be pretty neat. .NET ships with a lot of interesting pieces, and the assemblies that sort early in the alphabet (because they don’t start with System) are pretty interesting glimpses into how .NET does things.
Today, we look at IEExecRemote. This assembly contains a single type:
IEExecRemote, Version=18.104.22.168, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
In GAC: True
Number of types: 1
Number of namespaces: 1
So, what does this IEExecuteRemote do? Reading the docs, we see that this is another class that “supports the .NET Framework infrastructure and is not intended to be used directly from your code.” So what? What does it do? It runs a managed application over the Internet. OK, that’s kind of generic and not very helpful. What is really going on? When you start a .NET application via a URL, Windows fires up an application called IEExec.exe. This KB article describes the process. This part of the discussion is pertinent:
The IEExec.exe application is an undocumented Microsoft .NET Framework application that is included with the .NET Framework. You can use the IEExec.exe application as a host to run other managed applications that you start by using a URL.
For example, when you start a smart client by using a URL, no processes run with the smart client name. Instead, each application that you start by using a URL receives its own copy of the IEExec.exe application. The IEEXEC.exe application sets up the appropriate environment for the application to run in.
Typically, the IEExec.exe application works closely with Microsoft Internet Explorer to help you start the .NET Framework applications. The IEExec.exe application hooks to Internet Explorer version 5.01 and later to listen for assemblies that are requested. During a request, the executable is downloaded to the assembly download cache. Internet Explorer spawns a process for the IEExec.exe application and then passes the raw evidence information of the executable to the IEExec.exe application. The IEExec.exe application then uses the raw evidence information to set up an environment that has constrained-security settings for the executable.
IEExecuteRemote and IEExec work together to host and run assemblies that are stored at URLs (instead of the local file system). IEExec loads the IEExecuteRemote instance in a separate AppDomain and then runs the remote assembly in that domain. The only method that IEExec excecutes on IEExecuteRemote is the ExecuteAsAssembly method.