Running App from Share

http://msdn.microsoft.com/library/de...ecpoladmin.asp
"Derek Martin" <dm*****@DONTSPAMMEokstate.edu> wrote in message
news:OQ**************@tk2msftngp13.phx.gbl...

Good morning everyone! I have FINALLY finished my crazy go nuts 80,000 line custom built app and am getting ready to do some testing and have already
run into a little problem. The app needs to be run from a share, not
locally and when attempting to do that, I get this neat message:
System.Security.SecurityException

What does one need to do to permit this type of activity?

Thanks!
Derek

The reason you're getting this error is applications that are loaded from a
network share are denied permission to do certain tasks. For example, the
error you received said that your application requested a
System.Security.Permissions.FileIOPermission (it wanted to read from your
local disk) but it was denied.

The technology in .NET that manages this is called Code Access Security
(CAS). Basically every time the CLR loads an assembly (EXE or DLL) it
gathers evidence about it like where the file was located, what it's public
key is, if it has a certain hash or digital signature and so on. Based on
this evidence it grants certain permissions to the code in the assembly and
denies others. Code loaded from your local hard drive has Full Trust,
meaning that the CLR will allow all code in the assembly to run (however
Windows security is still enforced).

As far as deployment goes, what you are trying to do is called No-Touch
Deployment or Smart Client Deployment. It is a great feature of .NET and it
allows full featured Windows Forms apps to be deployed almost as easily as a
web app.

There are tons of great articles and webcasts out there on these topics,
some of which are linked to at http://www.tvbug.com/diary/20030923.htm

--
Rob Windsor [MVP-VB]
G6 Consulting
Toronto, Canada
"Derek Martin" <dm*****@DONTSPAMMEokstate.edu> wrote in message
news:OQ**************@tk2msftngp13.phx.gbl...

Good morning everyone! I have FINALLY finished my crazy go nuts 80,000 line custom built app and am getting ready to do some testing and have already
run into a little problem. The app needs to be run from a share, not
locally and when attempting to do that, I get this neat message:
System.Security.SecurityException

What does one need to do to permit this type of activity?

Thanks!
Derek

Thanks Rob, I will check into that!

Derek
"Rob Windsor [MVP]" <rw******@NO.MORE.SPAM.bigfoot.com> wrote in message
news:OV**************@TK2MSFTNGP11.phx.gbl...

The reason you're getting this error is applications that are loaded from a network share are denied permission to do certain tasks. For example, the
error you received said that your application requested a
System.Security.Permissions.FileIOPermission (it wanted to read from your
local disk) but it was denied.

The technology in .NET that manages this is called Code Access Security
(CAS). Basically every time the CLR loads an assembly (EXE or DLL) it
gathers evidence about it like where the file was located, what it's public key is, if it has a certain hash or digital signature and so on. Based on
this evidence it grants certain permissions to the code in the assembly and denies others. Code loaded from your local hard drive has Full Trust,
meaning that the CLR will allow all code in the assembly to run (however
Windows security is still enforced).

As far as deployment goes, what you are trying to do is called No-Touch
Deployment or Smart Client Deployment. It is a great feature of .NET and it allows full featured Windows Forms apps to be deployed almost as easily as a web app.

There are tons of great articles and webcasts out there on these topics,
some of which are linked to at http://www.tvbug.com/diary/20030923.htm

--
Rob Windsor [MVP-VB]
G6 Consulting
Toronto, Canada
"Derek Martin" <dm*****@DONTSPAMMEokstate.edu> wrote in message
news:OQ**************@tk2msftngp13.phx.gbl...

Good morning everyone! I have FINALLY finished my crazy go nuts 80,000

line

custom built app and am getting ready to do some testing and have already run into a little problem. The app needs to be run from a share, not
locally and when attempting to do that, I get this neat message:
System.Security.SecurityException

What does one need to do to permit this type of activity?

Thanks!
Derek

Hey Rob, okay, I did an Enterprise Policy based on the Hash of the exe file
and created a deployment package. It appears to work for users on the local
machine's power users group, but not for other users (as most users will not
be a power user)...the enterprise level on those machines is read only.
This is happening if the policy directive msi file is being run by that
user. Is there a way around that, ie, run it at login and it will get
applied?

Thanks,
Derek
"Rob Windsor [MVP]" <rw******@NO.MORE.SPAM.bigfoot.com> wrote in message
news:OV**************@TK2MSFTNGP11.phx.gbl...

The reason you're getting this error is applications that are loaded from a network share are denied permission to do certain tasks. For example, the
error you received said that your application requested a
System.Security.Permissions.FileIOPermission (it wanted to read from your
local disk) but it was denied.

The technology in .NET that manages this is called Code Access Security
(CAS). Basically every time the CLR loads an assembly (EXE or DLL) it
gathers evidence about it like where the file was located, what it's public key is, if it has a certain hash or digital signature and so on. Based on
this evidence it grants certain permissions to the code in the assembly and denies others. Code loaded from your local hard drive has Full Trust,
meaning that the CLR will allow all code in the assembly to run (however
Windows security is still enforced).

As far as deployment goes, what you are trying to do is called No-Touch
Deployment or Smart Client Deployment. It is a great feature of .NET and it allows full featured Windows Forms apps to be deployed almost as easily as a web app.

There are tons of great articles and webcasts out there on these topics,
some of which are linked to at http://www.tvbug.com/diary/20030923.htm

--
Rob Windsor [MVP-VB]
G6 Consulting
Toronto, Canada
"Derek Martin" <dm*****@DONTSPAMMEokstate.edu> wrote in message
news:OQ**************@tk2msftngp13.phx.gbl...

Good morning everyone! I have FINALLY finished my crazy go nuts 80,000

line

custom built app and am getting ready to do some testing and have already run into a little problem. The app needs to be run from a share, not
locally and when attempting to do that, I get this neat message:
System.Security.SecurityException

What does one need to do to permit this type of activity?

Thanks!
Derek