By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,853 Members | 992 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,853 IT Pros & Developers. It's quick & easy.

Security issue in .NET 2.0 app on Network drive

P: n/a
Our company deploys our .NET 2.0 apps to a network drive for them to be run.
We are having issues with security in getting these to run. Below is a sample
output for a job that is trying to call a DLL and failing.

Since the .NET 2.0 Config control panel applet is no longer included with
the framework, we ran the following command line to allow full trust on Local
Intranet apps:

c:\windows\microsoft.net\framework\v2.0.50727\casp ol.exe -cg
LocalIntranet_Zone FullTrust

However, looking at the error output, it seems as though it's putting our
assembly into the Internet zone, even though it's on a local network? Does
this mean we need to modify the Internet Options to explicitly allow that
network path? Why doesn't it automatically recognize that this is a Local
Intranet location, since it is internal to our AD domain?

Here is the error output:

-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~
Unhandled Exception: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Reflection.Assembly.VerifyCodeBaseDiscovery (String codeBase)
at System.Reflection.Assembly.GetName(Boolean copiedName)
at System.Reflection.Assembly.GetName()
at Mono.GetOptions.OptionList.ExtractEntryAssemblyInf o(Type optionsType)
at Mono.GetOptions.OptionList..ctor(Options optionBundle)
at Mono.GetOptions.Options.ProcessArgs(String[] args)
at TuitionSupervisorEmail.Program.Main(String[] args)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.FileIOPermission
The first permission that failed was:

The demand was for:

The granted set of the failing assembly was:

The assembly or AppDomain that failed was:
Mono.GetOptions, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
The method that caused the failure was:
Void ExtractEntryAssemblyInfo(System.Type)
The Zone of the assembly that failed was:
Internet
The Url of the assembly that failed was:
file://path/to/app/folder/Mono.GetOptions.DLL
-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~

Thanks,
toby
Feb 14 '07 #1
Share this Question
Share on Google+
3 Replies


P: n/a
PS

"toby" <to**@discussions.microsoft.comwrote in message
news:3A**********************************@microsof t.com...
Our company deploys our .NET 2.0 apps to a network drive for them to be
run.
We are having issues with security in getting these to run. Below is a
sample
output for a job that is trying to call a DLL and failing.

Since the .NET 2.0 Config control panel applet is no longer included with
the framework, we ran the following command line to allow full trust on
Local
Intranet apps:

c:\windows\microsoft.net\framework\v2.0.50727\casp ol.exe -cg
LocalIntranet_Zone FullTrust
Is an IP address used in the path to the assembly? Are any machines running
Vista?

PS
>
However, looking at the error output, it seems as though it's putting our
assembly into the Internet zone, even though it's on a local network? Does
this mean we need to modify the Internet Options to explicitly allow that
network path? Why doesn't it automatically recognize that this is a Local
Intranet location, since it is internal to our AD domain?

Here is the error output:

-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~
Unhandled Exception: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.FileIOPermission,
mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
at System.Security.CodeAccessSecurityEngine.Check(Obj ect demand,
StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.Reflection.Assembly.VerifyCodeBaseDiscovery (String codeBase)
at System.Reflection.Assembly.GetName(Boolean copiedName)
at System.Reflection.Assembly.GetName()
at Mono.GetOptions.OptionList.ExtractEntryAssemblyInf o(Type optionsType)
at Mono.GetOptions.OptionList..ctor(Options optionBundle)
at Mono.GetOptions.Options.ProcessArgs(String[] args)
at TuitionSupervisorEmail.Program.Main(String[] args)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.FileIOPermission
The first permission that failed was:

The demand was for:

The granted set of the failing assembly was:

The assembly or AppDomain that failed was:
Mono.GetOptions, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
The method that caused the failure was:
Void ExtractEntryAssemblyInfo(System.Type)
The Zone of the assembly that failed was:
Internet
The Url of the assembly that failed was:
file://path/to/app/folder/Mono.GetOptions.DLL
-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~

Thanks,
toby

Feb 15 '07 #2

P: n/a


"PS" wrote:
>
"toby" <to**@discussions.microsoft.comwrote in message
news:3A**********************************@microsof t.com...
Our company deploys our .NET 2.0 apps to a network drive for them to be
run.
We are having issues with security in getting these to run. Below is a
sample
output for a job that is trying to call a DLL and failing.

Since the .NET 2.0 Config control panel applet is no longer included with
the framework, we ran the following command line to allow full trust on
Local
Intranet apps:

c:\windows\microsoft.net\framework\v2.0.50727\casp ol.exe -cg
LocalIntranet_Zone FullTrust

Is an IP address used in the path to the assembly? Are any machines running
Vista?

PS
Hello,

No, we were using a UNC path to run the app. I was able to work around this
by adding "file://server" to the Local Intranet zone under Internet Options.
I'm still not sure though, why this was turned into a file URI in the first
place.
Feb 15 '07 #3

P: n/a
PS

"toby" <to**@discussions.microsoft.comwrote in message
news:42**********************************@microsof t.com...
>

"PS" wrote:
>>
"toby" <to**@discussions.microsoft.comwrote in message
news:3A**********************************@microso ft.com...
Our company deploys our .NET 2.0 apps to a network drive for them to be
run.
We are having issues with security in getting these to run. Below is a
sample
output for a job that is trying to call a DLL and failing.

Since the .NET 2.0 Config control panel applet is no longer included
with
the framework, we ran the following command line to allow full trust on
Local
Intranet apps:

c:\windows\microsoft.net\framework\v2.0.50727\casp ol.exe -cg
LocalIntranet_Zone FullTrust

Is an IP address used in the path to the assembly? Are any machines
running
Vista?

PS

Hello,

No, we were using a UNC path to run the app. I was able to work around
this
by adding "file://server" to the Local Intranet zone under Internet
Options.
I'm still not sure though, why this was turned into a file URI in the
first
place.
I assume the computers were running IE7?

PS
Feb 15 '07 #4

This discussion thread is closed

Replies have been disabled for this discussion.