« SQL Server Express | Main | Decline in PDA market »

October 27, 2004

RE: Giving a Mapped Network Drive "FullTrust" with .NET Code Access Security

From Scott Hanselman...


I'm saving this so I can find it easily later. Chris Sells has a
post that describes how to give a Mapped Network Drive "FullTrust." Thanks
Chris!




[When loading a Project from a Network Drive (like Z:\, perhaps within a VPC)
you may receive:]




The project location is not trusted.

Running the application may result in security exceptions when it

attempts to perform actions which require full trust.




What's happening is that VS is detecting that the project on the network drive
is getting Intranet permissions according to the good and true workings of .NET Code
Access Security (CAS). However, since I'm just trying to pretend that Z is on my PC
(and, in fact, it is), I want it to have FullTrust permissions.



To accomplish this, you need to add a new Code Group with an URL membership permission
specifying the folder (in URL form) to which you'd like to grant full trust. You can
do with the .NET Framework Configuration tool or you can do it from the command line
like so:



c:\>caspol -q -machine -addgroup 1 -url file://z:/*
FullTrust -name "Z Drive"





Once this new code group is in place, any new .NET processes you start will give any
assemblies on the Z drive full trust.



Since awarding new permissions, full trust or not, to any chunk of code is something
that can cause a security hole, be careful.



[Via ComputerZen.com - Scott Hanselman's Weblog]

Posted by mikel at October 27, 2004 08:54 AM

Trackback Pings

TrackBack URL for this entry:
http://WWW.mjberger.COM/cgi-bin/mt-tb.cgi/43

Comments

Post a comment

Thanks for signing in, . Now you can comment. (sign out)

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


Remember me?