I am fairly new to .NET programming so this may be a simplistic
question. I wrote a C# application that reads and writes files. If
the program resides on a local drive everything is fine. If the
program resides on a network drive then I get the following error.
System.Security .SecurityExcept ion: Request for the permission of type
'System.Securit y.Permissions.F ileIOPermission , mscorlib,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b77a5c561934e08 9'
failed.
at System.Security .CodeAccessSecu rityEngine.Chec k(Object demand,
StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security .CodeAccessPerm ission.Demand()
at System.IO.Direc tory.GetCurrent Directory()
at Transmitter.Tra nsmProcess.GetF iles(Form1 oTWin, String sDirPath)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security .Permissions.Fi leIOPermission
The Zone of the assembly that failed was:
Intranet
I have tried the following with no luck. Any suggestions?
FileIOPermissio n f = new
FileIOPermissio n(PermissionSta te.Unrestricted );
f.AllFiles = FileIOPermissio nAccess.AllAcce ss;
Thanks,
Gary 7 5605
Gary,
The problem here is that you are running it off a network drive. Code
that resides on the local drive typically is given unrestricted freedom.
When running of a network drive (or the internet, which is even more
restrictive), the thinking here is that since the code came from a place not
on your machine (which you probably have less control over than your own
machine), it shouldn't be trusted.
In order to get around this, you have to go to the .NET Framework
Configuration tool, located in the Administrative Tools for your machine.
Once you have that, you can add a new code group to the runtime security
policy for the user or machine. In this code group, you identify your app
(through location, hash, or strong name. Signing your app with a strong
name key is the best bet in this scenario, as recompiles will mess with your
hash), and then you can assign it Full Trust, or whatever permissions subset
is required to run your application.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"GMiller" <lu********@gma il.comwrote in message
news:11******** **************@ n76g2000hsh.goo glegroups.com.. .
>I am fairly new to .NET programming so this may be a simplistic
question. I wrote a C# application that reads and writes files. If
the program resides on a local drive everything is fine. If the
program resides on a network drive then I get the following error.
System.Security .SecurityExcept ion: Request for the permission of type
'System.Securit y.Permissions.F ileIOPermission , mscorlib,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b77a5c561934e08 9'
failed.
at System.Security .CodeAccessSecu rityEngine.Chec k(Object demand,
StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security .CodeAccessPerm ission.Demand()
at System.IO.Direc tory.GetCurrent Directory()
at Transmitter.Tra nsmProcess.GetF iles(Form1 oTWin, String sDirPath)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security .Permissions.Fi leIOPermission
The Zone of the assembly that failed was:
Intranet
I have tried the following with no luck. Any suggestions?
FileIOPermissio n f = new
FileIOPermissio n(PermissionSta te.Unrestricted );
f.AllFiles = FileIOPermissio nAccess.AllAcce ss;
Thanks,
Gary
"GMiller" <lu********@gma il.comwrote in message
news:11******** **************@ n76g2000hsh.goo glegroups.com.. .
>[...] If
the program resides on a local drive everything is fine. If the
program resides on a network drive then I get the following error.
System.Security .SecurityExcept ion: Request for the permission of type
'System.Securit y.Permissions.F ileIOPermission ,
[...]
I have tried the following with no luck. Any suggestions?
FileIOPermissio n f = new
FileIOPermissio n(PermissionSta te.Unrestricted );
f.AllFiles = FileIOPermissio nAccess.AllAcce ss;
No, you don't fix it in code from within the program. This is the .Net
runtime protecting you against a potentially harmful program. Since you are
running the executable from a network drive, and the framework does not know
that this location is trusted, it defaults to limiting the permissions of
the program.
You can grant additional permissions to the programas downloaded from
that location from the Control Panel, Administrative tools, .Net Framework
Configuration. This has to be done at every PC that needs to trust that
location. This configuration tool comes with the Framework v1, but not with
v2; if you have v2 you can get the configuration tool with the framework
SDK.
Another tool that serves the same purpose is CASPOL.exe. You run it from
a command prompt with various parameters that determine the permissions to
grant.
If you need to configure multiple computers, you create an enterprise
policy from control panel at a computer that has the framework configuration
tool installed. The tool can then generate a .msi that you can then install
at the rest of the computers. This can be automated via group policy if it
needs to be deployed in a large organization.
Nicholas
Thanks for the quick answer. A couple of questions.
Is there a "best" way to handle this? Should I simply require a user
to run the application on a local drive and not a network drive?
How do a 'sign' my application for the security policy?
Exactly where under the .NET configuration tool do I assign the
security policy?
Thanks,
Gary
Gary,
Well, having it on the local drive as opposed to the network drive is
not any big deal, but you do have to worry about re-deploying the app every
time it changes, which is what I imagine the reason for putting it on a
network share is.
If you want a better deployment story, look at ClickOnce. It is an
install/update mechanism in .NET which will help with all of these issues.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"GMiller" <lu********@gma il.comwrote in message
news:11******** **************@ r56g2000hsd.goo glegroups.com.. .
Nicholas
Thanks for the quick answer. A couple of questions.
Is there a "best" way to handle this? Should I simply require a user
to run the application on a local drive and not a network drive?
How do a 'sign' my application for the security policy?
Exactly where under the .NET configuration tool do I assign the
security policy?
Thanks,
Gary
I set the security policy to "full trust" at the machine level and I
still receive the same error. It seems like I'm missing the obvious
here.
Thanks,
Gary
"GMiller" <lu********@gma il.comwrote in message
news:11******** ************@n5 9g2000hsh.googl egroups.com...
>I set the security policy to "full trust" at the machine level and I
still receive the same error. It seems like I'm missing the obvious
here.
"full trust" at the machine level ... and what code group? If your
server is on the "local intranet", and you apply "full trust" to the
local_intranet group at machine level, it should work ... unless inferior
permissions are assigned at the user or enterprise level, since you get the
intersection of the three permission sets (by default these two levels are
set to full trust so you should have no problems).
"GMiller" <lu********@gma il.comwrote in message
news:11******** **************@ n76g2000hsh.goo glegroups.com.. .
>I am fairly new to .NET programming so this may be a simplistic
question. I wrote a C# application that reads and writes files. If
the program resides on a local drive everything is fine. If the
program resides on a network drive then I get the following error.
System.Security .SecurityExcept ion: Request for the permission of type
'System.Securit y.Permissions.F ileIOPermission , mscorlib,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b77a5c561934e08 9'
failed.
at System.Security .CodeAccessSecu rityEngine.Chec k(Object demand,
StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security .CodeAccessPerm ission.Demand()
at System.IO.Direc tory.GetCurrent Directory()
at Transmitter.Tra nsmProcess.GetF iles(Form1 oTWin, String sDirPath)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security .Permissions.Fi leIOPermission
The Zone of the assembly that failed was:
Intranet
I have tried the following with no luck. Any suggestions?
FileIOPermissio n f = new
FileIOPermissio n(PermissionSta te.Unrestricted );
f.AllFiles = FileIOPermissio nAccess.AllAcce ss;
%windir%\Micros oft.Net\Framewo rk\v2.0.50727\c aspol -cg 1.2 FullTrust will
allow "intranet" applications to run. Note that referencing an IP address
will make this an "internet" zone so use UNC. IE7 can also change the
interpretation of "intranet" so Tools / Options / Security and add server
name to Local Intranet if necessary.
PS This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: robert |
last post by:
well, talk about timely. i'm tasked to implement a security feature,
and would rather do so in the database than the application code. the
application is generally Oracle, but sometimes DB2. Oracle has what
it calls package DBMS_RLS, which implements application ignorant
row level security.
scanning this group yielded "you can't do that; use views". then i
dug out DB2Mag qtr 1 2004, and there is MLS for v8/390. from this
article,...
|
by: Mike MacSween |
last post by:
S**t for brains strikes again!
Why did I do that? When I met the clients and at some point they vaguely
asked whether eventually would it be possible to have some people who could
read the data and some who couldn't but that it wasn't important right now.
And I said, 'sure, we can do that later'.
So now I've developed an app without any thought to security and am trying
to apply it afterwards. Doh!, doh! and triple doh!
|
by: Ashish |
last post by:
Hi Guys
I am getting the following error while implementing authentication using
WS-security.
"Microsoft.Web.Services2.Security.SecurityFault: The security token could
not be authenticated or authorized ---> System.Exception: WSE565: The
password provided the SecurityTokenManager does not match the one on the
incoming token. at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyPlainText
|
by: prithvi g via .NET 247 |
last post by:
Hi
I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll andMicrosoft.Samples.Runtime.Remoting. Security in both my clientand server. I have have defined my config files as follows
for client
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.runtime.remoting>
<application>
<channels>...
|
by: Earl Teigrob |
last post by:
Background:
When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is comprised of a DataGrid may have separate permissions for adding, deleting and updating a news item.
Problem
Up until now, I have been implementing security directly inside the control. I will test directly against the security model to see if...
| |
by: Magdelin |
last post by:
Hi,
My security team thinks allowing communication between the two IIS instances
leads to severe security risks. Basically, we want to put our presentation
tier on the perimeter network and the business tier inside the fire wall or
internal network. The biz tier will be developed and deployed as web services
on IIS.
I know microsoft recommends this architecture but I am not able to convince
my security team. They say IIS is vulnerable...
|
by: Jay C. |
last post by:
Jay
3 Jan. 11:38 Optionen anzeigen
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen
Datum: 3 Jan 2006 02:38:30 -0800
Lokal: Di 3 Jan. 2006 11:38
Betreff: Referenced security token could not be retrieved
Antworten | Antwort an Autor | Weiterleiten | Drucken | Einzelne Nachricht |
Original anzeigen | Entfernen | Missbrauch melden
|
by: Velvet |
last post by:
I ran FxCop on one of the components for my web site and the security rules
what me to add " tags like the ones listed
below:
This breaks my ASP.NET application. So my question is, what should these
|
by: Jeremy S. |
last post by:
..NET's code Access Security enables administrators to restrict the types of
things that a .NET application can do on a local computer. For example, a
..NET Windows Forms application can be prevented from writing to the Registry
or writing a file to the local disk.
My question: Is this feature unique to .NET? Or is it just as easy for
enterprise network administrators to prevent COM applications from writing
to the Registry and doing...
|
by: Budhi Saputra Prasetya |
last post by:
Hi,
I managed to create a Windows Form Control and put it on my ASP .NET page. I
have done the suggestion that is provided by modifying the security settings.
From the stack trace, I would assume that the code throws exception when it
is trying to retrieve the processes list that has certain name. Below is the
code that I use to retrieve the processes.
Process processes = Process.GetProcessesByName("xxxx");
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |