RE: Trying to run in partial trust (getting a PolicyException)

Thanks for your reply Dave,

This policy file is very informative for analyzie the CAS permission issue
here.

From the policy file ,you can get that the main ASP.NET specific
permissions are defined in the following permissionSet:

==========================
<PermissionSet class="NamedPermissionSet" version="1" Name="ASP.Net">
<IPermission class="AspNetHostingPermission" version="1"
Level="Medium" />
<IPermission class="ConfigurationPermission" version="1"
Unrestricted="true" />
<IPermission class="DnsPermission" version="1" Unrestricted="true" />
<IPermission class="EnvironmentPermission" version="1"
Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
<IPermission class="FileIOPermission" version="1" Read="$AppDir$"
Write="$AppDir$" Append="$AppDir$"
PathDiscovery="$AppDir$" />
<IPermission class="IsolatedStorageFilePermission" version="1"
Allowed="AssemblyIsolationByUser"
UserQuota="9223372036854775807" />
<IPermission class="OleDbPermission" version="1" Unrestricted="true"
/>
<IPermission class="PrintingPermission" version="1"
Level="DefaultPrinting" />
<IPermission class="ReflectionPermission" version="1"
Flags="ReflectionEmit, TypeInformation,
MemberAccess" />
<IPermission class="SecurityPermission" version="1"
Flags="Assertion, Execution,
ControlThread, ControlPrincipal, RemotingConfiguration" />
<IPermission class="SmtpPermission" version="1" Access="Connect" />
<IPermission class="SqlClientPermission" version="1"
Unrestricted="true" />
<IPermission class="WebPermission" version="1" Unrestricted="true" />
</PermissionSet>
==========================

you can find that there are serveral permission that is quite restricted,
e.g.

==============
<IPermission class="EnvironmentPermission" version="1"
Read="TEMP;TMP;USERNAME;OS;COMPUTERNAME" />
<IPermission class="FileIOPermission" version="1" Read="$AppDir$"
Write="$AppDir$" Append="$AppDir$"
PathDiscovery="$AppDir$" />

<IPermission class="SecurityPermission" version="1" Flags="Assertion,
Execution,
ControlThread, ControlPrincipal, RemotingConfiguration" />
==================

However, from the minmal permission set you checked through the
PermCalc.exe in former reply(as below), there have some items violate the
policy's permission set:

=====================
<Sandbox>
<PermissionSet version="1" class="System.Security.PermissionSet">
<IPermission version="1"
class="System.Security.Permissions.EnvironmentPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="true" />
<IPermission version="1"
class="System.Security.Permissions.FileIOPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="true" />
<IPermission version="1"
class="System.Security.Permissions.ReflectionPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Flags="MemberAccess" />
<IPermission version="1"
class="System.Security.Permissions.RegistryPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="true" />
<IPermission version="1"
class="System.Security.Permissions.SecurityPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Flags="UnmanagedCode, Execution, ControlThread, ControlEvidence" />
<IPermission Window="SafeSubWindows" Clipboard="OwnClipboard"
version="1" class="System.Security.Permissions.UIPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<IPermission version="1"
class="System.Security.Permissions.KeyContainerPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="true" />
<IPermission version="1" class="System.Net.SocketPermission, System,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="true" />
<IPermission version="1" class="System.Net.DnsPermission, System,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="true" />
</PermissionSet>
</Sandbox>
=================================

I think this should be the problem here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================



This posting is provided "AS IS" with no warranties, and confers no rights.





.

Relevant Pages

  • RE: Trying to run in partial trust (getting a PolicyException)
    ... RequestMinimum and the two items below were the only uses in all of my code. ... class="System.Security.Permissions.EnvironmentPermission, mscorlib, ... I think you can check the permission ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Trying to run in partial trust (getting a PolicyException)
    ... Dominick Baier, DevelopMentor ... class="System.Security.Permissions.EnvironmentPermission, mscorlib, ... I think you can check the permission ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Faillure to run .NET 2.0 app from UNC
    ... Could you also try to check the minimum grand set of permission your ... class="System.Security.Permissions.EnvironmentPermission, mscorlib, ... Microsoft Online Community Support ... where an initial response from the community or a Microsoft Support ...
    (microsoft.public.dotnet.framework)
  • RE: Trying to run in partial trust (getting a PolicyException)
    ... class="System.Security.Permissions.EnvironmentPermission, mscorlib, ... .net CAS permission error when try running the application,correct? ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Trying to run in partial trust (getting a PolicyException)
    ... where does <Sandbox> come from? ... class="System.Security.Permissions.EnvironmentPermission, mscorlib, ... .net CAS permission error when try running the application,correct? ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)