RE: System.Security.Permissions.FileIOPermission

From: Keith Brown (Brown_at_discussions.microsoft.com)
Date: 06/12/04

  • Next message: Eric Phetteplace: "Re: System.Security.Permissions.FileIOPermission"
    Date: Fri, 11 Jun 2004 16:12:01 -0700
    
    

    Hey Eric,

    You definitely do NOT want to make the SecurityPermission unrestricted. That has no effect at all on the FileIOPermission, which is what you really want to fix, but what it does do is grant all *sorts* of scary permissions (like ControlPolicy, which allows you to set SecurityManager.SecurityEnabled=false and turn off all of CAS!)

    You have a couple of choices: you can either move your functionality into an assembly in the GAC (where it will be fully trusted) and mark your assembly with the AllowPartiallyTrustedCallers attribute, or you can change policy like you were suggesting by adding an element for FileIOPermission, either making it unrestricted or (even better) specifying the exact directory and permission level you need to grant.

    Keith Brown, MVP
    http://www.pluralsight.com


  • Next message: Eric Phetteplace: "Re: System.Security.Permissions.FileIOPermission"