|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Cannot Run Application on Windows Server 2003not run on Windows Server 2003. I have tried setting all of the security policies I can find, changedf the permissions on the directories, made sure the dll's are fully trusted, given the ASPNET account access to the directories and I still cannot get it to run. In this case it is trying to create a file. In another situation it is simply testing to see if a directory exists and that also fails. The application runs fine on XP. I know this has to do with FileOPermission but I simply do not know why Server 2003 will not allow the application to access the local file system. I have spent the best part of an entire day trying to figure this out and it seems like a lot of time to waste on such a simple problem. [SecurityException: Request for the permission of type System.Security.Permissions.FileIOPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, PermissionToken permToken) +675 System.Security.CodeAccessSecurityEngine.Check(PermissionToken permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames, Int32 unrestrictedOverride) +0 System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark) +88 System.Security.CodeAccessPermission.Demand() +62 System.IO.FileInfo..ctor(String fileName) +129 SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String value) in FileLogger.cs:317 SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String _filePath, String _outputPattern) in FileLogger.cs:158 SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String _filePath, String _outputPattern) in Logger.cs:459 SAIC.StandardClasses.StandardLogger..ctor(String strLoggerNamePassed) in StandardLogger.cs:37 SUAR.Global.Application_Start(Object sender, EventArgs e) in global.asax.cs:32 This is a Code Access Security problem, not a Windows file ACL problem. You
can tell because of the fact that a SecurityException was thrown here. Is the web application running under partial trust? That would seem to be the most likely case. This might be configured in the web.config or machine.config. Joe K. Show quoteHide quote "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... >I have a .NET web application that access the local file system and it will > not run on Windows Server 2003. > > I have tried setting all of the security policies I can find, changedf the > permissions on the directories, made sure the dll's are fully trusted, > given > the ASPNET account access to the directories and I still cannot get it to > run. > > In this case it is trying to create a file. In another situation it is > simply testing to see if a directory exists and that also fails. > > The application runs fine on XP. > > I know this has to do with FileOPermission but I simply do not know why > Server 2003 will not allow the application to access the local file > system. I > have spent the best part of an entire day trying to figure this out and it > seems like a lot of time to waste on such a simple problem. > > [SecurityException: Request for the permission of type > System.Security.Permissions.FileIOPermission, mscorlib, > Version=1.0.5000.0, > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, > PermissionToken permToken) +675 > System.Security.CodeAccessSecurityEngine.Check(PermissionToken > permToken, > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames, > Int32 unrestrictedOverride) +0 > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, > StackCrawlMark& stackMark) +88 > System.Security.CodeAccessPermission.Demand() +62 > System.IO.FileInfo..ctor(String fileName) +129 > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String > value) in FileLogger.cs:317 > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String _filePath, > String _outputPattern) in FileLogger.cs:158 > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String _filePath, > String _outputPattern) in Logger.cs:459 > SAIC.StandardClasses.StandardLogger..ctor(String strLoggerNamePassed) in > StandardLogger.cs:37 > SUAR.Global.Application_Start(Object sender, EventArgs e) in > global.asax.cs:32 > Joe. The machine.config is set for full trust...which is the default. There
is no overrides in the web.config. Both DLL's that are involved have unrestricted permissions according to the .NET configuration console. It certainly looks like the application is running under partial trust but if that is the case I sure do not know where that setting is coming from. I did not do anything with the trust levels when creating the applications. Show quoteHide quote "Joe Kaplan (MVP - ADSI)" wrote: > This is a Code Access Security problem, not a Windows file ACL problem. You > can tell because of the fact that a SecurityException was thrown here. > > Is the web application running under partial trust? That would seem to be > the most likely case. This might be configured in the web.config or > machine.config. > > Joe K. > > "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message > news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... > >I have a .NET web application that access the local file system and it will > > not run on Windows Server 2003. > > > > I have tried setting all of the security policies I can find, changedf the > > permissions on the directories, made sure the dll's are fully trusted, > > given > > the ASPNET account access to the directories and I still cannot get it to > > run. > > > > In this case it is trying to create a file. In another situation it is > > simply testing to see if a directory exists and that also fails. > > > > The application runs fine on XP. > > > > I know this has to do with FileOPermission but I simply do not know why > > Server 2003 will not allow the application to access the local file > > system. I > > have spent the best part of an entire day trying to figure this out and it > > seems like a lot of time to waste on such a simple problem. > > > > [SecurityException: Request for the permission of type > > System.Security.Permissions.FileIOPermission, mscorlib, > > Version=1.0.5000.0, > > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] > > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet > > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, > > PermissionToken permToken) +675 > > System.Security.CodeAccessSecurityEngine.Check(PermissionToken > > permToken, > > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames, > > Int32 unrestrictedOverride) +0 > > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, > > StackCrawlMark& stackMark) +88 > > System.Security.CodeAccessPermission.Demand() +62 > > System.IO.FileInfo..ctor(String fileName) +129 > > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String > > value) in FileLogger.cs:317 > > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String _filePath, > > String _outputPattern) in FileLogger.cs:158 > > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String _filePath, > > String _outputPattern) in Logger.cs:459 > > SAIC.StandardClasses.StandardLogger..ctor(String strLoggerNamePassed) in > > StandardLogger.cs:37 > > SUAR.Global.Application_Start(Object sender, EventArgs e) in > > global.asax.cs:32 > > > > > I'd check through the web.config files to see if there is one with a
trustLevel set it in. If there is SharePoint in the machine, that could easily be the culprit. Searching .config files for that text should turn something up. Joe K. Show quoteHide quote "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message news:ACC769A8-567B-4FC9-9254-E6CC4F98A3D7@microsoft.com... > Joe. The machine.config is set for full trust...which is the default. > There > is no overrides in the web.config. Both DLL's that are involved have > unrestricted permissions according to the .NET configuration console. > > It certainly looks like the application is running under partial trust but > if that is the case I sure do not know where that setting is coming from. > I > did not do anything with the trust levels when creating the applications. > > "Joe Kaplan (MVP - ADSI)" wrote: > >> This is a Code Access Security problem, not a Windows file ACL problem. >> You >> can tell because of the fact that a SecurityException was thrown here. >> >> Is the web application running under partial trust? That would seem to >> be >> the most likely case. This might be configured in the web.config or >> machine.config. >> >> Joe K. >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message >> news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... >> >I have a .NET web application that access the local file system and it >> >will >> > not run on Windows Server 2003. >> > >> > I have tried setting all of the security policies I can find, changedf >> > the >> > permissions on the directories, made sure the dll's are fully trusted, >> > given >> > the ASPNET account access to the directories and I still cannot get it >> > to >> > run. >> > >> > In this case it is trying to create a file. In another situation it is >> > simply testing to see if a directory exists and that also fails. >> > >> > The application runs fine on XP. >> > >> > I know this has to do with FileOPermission but I simply do not know why >> > Server 2003 will not allow the application to access the local file >> > system. I >> > have spent the best part of an entire day trying to figure this out and >> > it >> > seems like a lot of time to waste on such a simple problem. >> > >> > [SecurityException: Request for the permission of type >> > System.Security.Permissions.FileIOPermission, mscorlib, >> > Version=1.0.5000.0, >> > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] >> > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet >> > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, >> > PermissionToken permToken) +675 >> > System.Security.CodeAccessSecurityEngine.Check(PermissionToken >> > permToken, >> > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 >> > checkFrames, >> > Int32 unrestrictedOverride) +0 >> > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission >> > cap, >> > StackCrawlMark& stackMark) +88 >> > System.Security.CodeAccessPermission.Demand() +62 >> > System.IO.FileInfo..ctor(String fileName) +129 >> > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String >> > value) in FileLogger.cs:317 >> > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String >> > _filePath, >> > String _outputPattern) in FileLogger.cs:158 >> > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String >> > _filePath, >> > String _outputPattern) in Logger.cs:459 >> > SAIC.StandardClasses.StandardLogger..ctor(String strLoggerNamePassed) >> > in >> > StandardLogger.cs:37 >> > SUAR.Global.Application_Start(Object sender, EventArgs e) in >> > global.asax.cs:32 >> > >> >> >> Joe. The machine does have sharpoint on it. You are saying that I should
check the web.config files for the sharepoint stuff...I assume. I'll do that. Thanks for the help. Show quoteHide quote "Joe Kaplan (MVP - ADSI)" wrote: > I'd check through the web.config files to see if there is one with a > trustLevel set it in. If there is SharePoint in the machine, that could > easily be the culprit. Searching .config files for that text should turn > something up. > > Joe K. > > "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message > news:ACC769A8-567B-4FC9-9254-E6CC4F98A3D7@microsoft.com... > > Joe. The machine.config is set for full trust...which is the default. > > There > > is no overrides in the web.config. Both DLL's that are involved have > > unrestricted permissions according to the .NET configuration console. > > > > It certainly looks like the application is running under partial trust but > > if that is the case I sure do not know where that setting is coming from. > > I > > did not do anything with the trust levels when creating the applications. > > > > "Joe Kaplan (MVP - ADSI)" wrote: > > > >> This is a Code Access Security problem, not a Windows file ACL problem. > >> You > >> can tell because of the fact that a SecurityException was thrown here. > >> > >> Is the web application running under partial trust? That would seem to > >> be > >> the most likely case. This might be configured in the web.config or > >> machine.config. > >> > >> Joe K. > >> > >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message > >> news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... > >> >I have a .NET web application that access the local file system and it > >> >will > >> > not run on Windows Server 2003. > >> > > >> > I have tried setting all of the security policies I can find, changedf > >> > the > >> > permissions on the directories, made sure the dll's are fully trusted, > >> > given > >> > the ASPNET account access to the directories and I still cannot get it > >> > to > >> > run. > >> > > >> > In this case it is trying to create a file. In another situation it is > >> > simply testing to see if a directory exists and that also fails. > >> > > >> > The application runs fine on XP. > >> > > >> > I know this has to do with FileOPermission but I simply do not know why > >> > Server 2003 will not allow the application to access the local file > >> > system. I > >> > have spent the best part of an entire day trying to figure this out and > >> > it > >> > seems like a lot of time to waste on such a simple problem. > >> > > >> > [SecurityException: Request for the permission of type > >> > System.Security.Permissions.FileIOPermission, mscorlib, > >> > Version=1.0.5000.0, > >> > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] > >> > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet > >> > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, > >> > PermissionToken permToken) +675 > >> > System.Security.CodeAccessSecurityEngine.Check(PermissionToken > >> > permToken, > >> > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 > >> > checkFrames, > >> > Int32 unrestrictedOverride) +0 > >> > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission > >> > cap, > >> > StackCrawlMark& stackMark) +88 > >> > System.Security.CodeAccessPermission.Demand() +62 > >> > System.IO.FileInfo..ctor(String fileName) +129 > >> > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String > >> > value) in FileLogger.cs:317 > >> > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String > >> > _filePath, > >> > String _outputPattern) in FileLogger.cs:158 > >> > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String > >> > _filePath, > >> > String _outputPattern) in Logger.cs:459 > >> > SAIC.StandardClasses.StandardLogger..ctor(String strLoggerNamePassed) > >> > in > >> > StandardLogger.cs:37 > >> > SUAR.Global.Application_Start(Object sender, EventArgs e) in > >> > global.asax.cs:32 > >> > > >> > >> > >> > > > My guess is that there is a sharepoint web.config somewhere in the stack
that has a trustLevel declared in it. SharePoint is pretty notorious for running web applications under partial trust by default. Another thing you can do is if your component is in the GAC and you are ok with that, then your component should have FullTrust. Then, you can Assert the FileIOPermission from your code and that will cancel the stack walk into the code that doesn't have the permission that is triggering the exception. Note that Assertion is a potentially dangerous thing to do as it elevates permissions, but it may be what you want here. Part or your decision should be whether you want the app to run with partial trust or not. Right now it is. Joe K. Show quoteHide quote "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message news:BD00E4D7-7974-4178-975E-49B3F17CB13D@microsoft.com... > Joe. The machine does have sharpoint on it. You are saying that I should > check the web.config files for the sharepoint stuff...I assume. I'll do > that. > Thanks for the help. > > "Joe Kaplan (MVP - ADSI)" wrote: > >> I'd check through the web.config files to see if there is one with a >> trustLevel set it in. If there is SharePoint in the machine, that could >> easily be the culprit. Searching .config files for that text should turn >> something up. >> >> Joe K. >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message >> news:ACC769A8-567B-4FC9-9254-E6CC4F98A3D7@microsoft.com... >> > Joe. The machine.config is set for full trust...which is the default. >> > There >> > is no overrides in the web.config. Both DLL's that are involved have >> > unrestricted permissions according to the .NET configuration console. >> > >> > It certainly looks like the application is running under partial trust >> > but >> > if that is the case I sure do not know where that setting is coming >> > from. >> > I >> > did not do anything with the trust levels when creating the >> > applications. >> > >> > "Joe Kaplan (MVP - ADSI)" wrote: >> > >> >> This is a Code Access Security problem, not a Windows file ACL >> >> problem. >> >> You >> >> can tell because of the fact that a SecurityException was thrown here. >> >> >> >> Is the web application running under partial trust? That would seem >> >> to >> >> be >> >> the most likely case. This might be configured in the web.config or >> >> machine.config. >> >> >> >> Joe K. >> >> >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in >> >> message >> >> news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... >> >> >I have a .NET web application that access the local file system and >> >> >it >> >> >will >> >> > not run on Windows Server 2003. >> >> > >> >> > I have tried setting all of the security policies I can find, >> >> > changedf >> >> > the >> >> > permissions on the directories, made sure the dll's are fully >> >> > trusted, >> >> > given >> >> > the ASPNET account access to the directories and I still cannot get >> >> > it >> >> > to >> >> > run. >> >> > >> >> > In this case it is trying to create a file. In another situation it >> >> > is >> >> > simply testing to see if a directory exists and that also fails. >> >> > >> >> > The application runs fine on XP. >> >> > >> >> > I know this has to do with FileOPermission but I simply do not know >> >> > why >> >> > Server 2003 will not allow the application to access the local file >> >> > system. I >> >> > have spent the best part of an entire day trying to figure this out >> >> > and >> >> > it >> >> > seems like a lot of time to waste on such a simple problem. >> >> > >> >> > [SecurityException: Request for the permission of type >> >> > System.Security.Permissions.FileIOPermission, mscorlib, >> >> > Version=1.0.5000.0, >> >> > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] >> >> > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet >> >> > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, >> >> > PermissionToken permToken) +675 >> >> > System.Security.CodeAccessSecurityEngine.Check(PermissionToken >> >> > permToken, >> >> > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 >> >> > checkFrames, >> >> > Int32 unrestrictedOverride) +0 >> >> > >> >> > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission >> >> > cap, >> >> > StackCrawlMark& stackMark) +88 >> >> > System.Security.CodeAccessPermission.Demand() +62 >> >> > System.IO.FileInfo..ctor(String fileName) +129 >> >> > >> >> > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String >> >> > value) in FileLogger.cs:317 >> >> > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String >> >> > _filePath, >> >> > String _outputPattern) in FileLogger.cs:158 >> >> > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String >> >> > _filePath, >> >> > String _outputPattern) in Logger.cs:459 >> >> > SAIC.StandardClasses.StandardLogger..ctor(String >> >> > strLoggerNamePassed) >> >> > in >> >> > StandardLogger.cs:37 >> >> > SUAR.Global.Application_Start(Object sender, EventArgs e) in >> >> > global.asax.cs:32 >> >> > >> >> >> >> >> >> >> >> >> Joe. I think I am making progress. I added the request for unrestricted
FileIOPermission to my AssmeblyInfo files and "trust level=full" to my web.config and I now get past the point where the loading of the dll is forbidden because of security. I am still getting an access denied when I try to actually create the file and write to it but the error looks like a windows access denied error so I need to look into that. In any case, my dll's are getting loaded even though they ask for unrestricted FileIOPermission so it looks like I am past the original problem. Thanks again for your help. Show quoteHide quote "Joe Kaplan (MVP - ADSI)" wrote: > My guess is that there is a sharepoint web.config somewhere in the stack > that has a trustLevel declared in it. SharePoint is pretty notorious for > running web applications under partial trust by default. > > Another thing you can do is if your component is in the GAC and you are ok > with that, then your component should have FullTrust. Then, you can Assert > the FileIOPermission from your code and that will cancel the stack walk into > the code that doesn't have the permission that is triggering the exception. > Note that Assertion is a potentially dangerous thing to do as it elevates > permissions, but it may be what you want here. > > Part or your decision should be whether you want the app to run with partial > trust or not. Right now it is. > > Joe K. > > "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message > news:BD00E4D7-7974-4178-975E-49B3F17CB13D@microsoft.com... > > Joe. The machine does have sharpoint on it. You are saying that I should > > check the web.config files for the sharepoint stuff...I assume. I'll do > > that. > > Thanks for the help. > > > > "Joe Kaplan (MVP - ADSI)" wrote: > > > >> I'd check through the web.config files to see if there is one with a > >> trustLevel set it in. If there is SharePoint in the machine, that could > >> easily be the culprit. Searching .config files for that text should turn > >> something up. > >> > >> Joe K. > >> > >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message > >> news:ACC769A8-567B-4FC9-9254-E6CC4F98A3D7@microsoft.com... > >> > Joe. The machine.config is set for full trust...which is the default. > >> > There > >> > is no overrides in the web.config. Both DLL's that are involved have > >> > unrestricted permissions according to the .NET configuration console. > >> > > >> > It certainly looks like the application is running under partial trust > >> > but > >> > if that is the case I sure do not know where that setting is coming > >> > from. > >> > I > >> > did not do anything with the trust levels when creating the > >> > applications. > >> > > >> > "Joe Kaplan (MVP - ADSI)" wrote: > >> > > >> >> This is a Code Access Security problem, not a Windows file ACL > >> >> problem. > >> >> You > >> >> can tell because of the fact that a SecurityException was thrown here. > >> >> > >> >> Is the web application running under partial trust? That would seem > >> >> to > >> >> be > >> >> the most likely case. This might be configured in the web.config or > >> >> machine.config. > >> >> > >> >> Joe K. > >> >> > >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in > >> >> message > >> >> news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... > >> >> >I have a .NET web application that access the local file system and > >> >> >it > >> >> >will > >> >> > not run on Windows Server 2003. > >> >> > > >> >> > I have tried setting all of the security policies I can find, > >> >> > changedf > >> >> > the > >> >> > permissions on the directories, made sure the dll's are fully > >> >> > trusted, > >> >> > given > >> >> > the ASPNET account access to the directories and I still cannot get > >> >> > it > >> >> > to > >> >> > run. > >> >> > > >> >> > In this case it is trying to create a file. In another situation it > >> >> > is > >> >> > simply testing to see if a directory exists and that also fails. > >> >> > > >> >> > The application runs fine on XP. > >> >> > > >> >> > I know this has to do with FileOPermission but I simply do not know > >> >> > why > >> >> > Server 2003 will not allow the application to access the local file > >> >> > system. I > >> >> > have spent the best part of an entire day trying to figure this out > >> >> > and > >> >> > it > >> >> > seems like a lot of time to waste on such a simple problem. > >> >> > > >> >> > [SecurityException: Request for the permission of type > >> >> > System.Security.Permissions.FileIOPermission, mscorlib, > >> >> > Version=1.0.5000.0, > >> >> > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] > >> >> > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet > >> >> > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, > >> >> > PermissionToken permToken) +675 > >> >> > System.Security.CodeAccessSecurityEngine.Check(PermissionToken > >> >> > permToken, > >> >> > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 > >> >> > checkFrames, > >> >> > Int32 unrestrictedOverride) +0 > >> >> > > >> >> > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission > >> >> > cap, > >> >> > StackCrawlMark& stackMark) +88 > >> >> > System.Security.CodeAccessPermission.Demand() +62 > >> >> > System.IO.FileInfo..ctor(String fileName) +129 > >> >> > > >> >> > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String > >> >> > value) in FileLogger.cs:317 > >> >> > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String > >> >> > _filePath, > >> >> > String _outputPattern) in FileLogger.cs:158 > >> >> > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String > >> >> > _filePath, > >> >> > String _outputPattern) in Logger.cs:459 > >> >> > SAIC.StandardClasses.StandardLogger..ctor(String > >> >> > strLoggerNamePassed) > >> >> > in > >> >> > StandardLogger.cs:37 > >> >> > SUAR.Global.Application_Start(Object sender, EventArgs e) in > >> >> > global.asax.cs:32 > >> >> > > >> >> > >> >> > >> >> > >> > >> > >> > > > The Windows security problem (probaby UnauthorizedAccessException?) can be
fixed by making sure the user who is trying to make the change has the necessary rights on the file in question. That can also be hard to combat, but there are numerous techniques available. Using Windows security auditing can be very helpful as well as tools like Filemon. Best of luck, Joe K. Show quoteHide quote "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message news:6A83E969-8136-4BA6-9EC0-7137F503FDC2@microsoft.com... > Joe. I think I am making progress. I added the request for unrestricted > FileIOPermission to my AssmeblyInfo files and "trust level=full" to my > web.config and I now get past the point where the loading of the dll is > forbidden because of security. I am still getting an access denied when I > try > to actually create the file and write to it but the error looks like a > windows access denied error so I need to look into that. > > In any case, my dll's are getting loaded even though they ask for > unrestricted FileIOPermission so it looks like I am past the original > problem. > > Thanks again for your help. > > "Joe Kaplan (MVP - ADSI)" wrote: > >> My guess is that there is a sharepoint web.config somewhere in the stack >> that has a trustLevel declared in it. SharePoint is pretty notorious for >> running web applications under partial trust by default. >> >> Another thing you can do is if your component is in the GAC and you are >> ok >> with that, then your component should have FullTrust. Then, you can >> Assert >> the FileIOPermission from your code and that will cancel the stack walk >> into >> the code that doesn't have the permission that is triggering the >> exception. >> Note that Assertion is a potentially dangerous thing to do as it elevates >> permissions, but it may be what you want here. >> >> Part or your decision should be whether you want the app to run with >> partial >> trust or not. Right now it is. >> >> Joe K. >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in message >> news:BD00E4D7-7974-4178-975E-49B3F17CB13D@microsoft.com... >> > Joe. The machine does have sharpoint on it. You are saying that I >> > should >> > check the web.config files for the sharepoint stuff...I assume. I'll do >> > that. >> > Thanks for the help. >> > >> > "Joe Kaplan (MVP - ADSI)" wrote: >> > >> >> I'd check through the web.config files to see if there is one with a >> >> trustLevel set it in. If there is SharePoint in the machine, that >> >> could >> >> easily be the culprit. Searching .config files for that text should >> >> turn >> >> something up. >> >> >> >> Joe K. >> >> >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in >> >> message >> >> news:ACC769A8-567B-4FC9-9254-E6CC4F98A3D7@microsoft.com... >> >> > Joe. The machine.config is set for full trust...which is the >> >> > default. >> >> > There >> >> > is no overrides in the web.config. Both DLL's that are involved have >> >> > unrestricted permissions according to the .NET configuration >> >> > console. >> >> > >> >> > It certainly looks like the application is running under partial >> >> > trust >> >> > but >> >> > if that is the case I sure do not know where that setting is coming >> >> > from. >> >> > I >> >> > did not do anything with the trust levels when creating the >> >> > applications. >> >> > >> >> > "Joe Kaplan (MVP - ADSI)" wrote: >> >> > >> >> >> This is a Code Access Security problem, not a Windows file ACL >> >> >> problem. >> >> >> You >> >> >> can tell because of the fact that a SecurityException was thrown >> >> >> here. >> >> >> >> >> >> Is the web application running under partial trust? That would >> >> >> seem >> >> >> to >> >> >> be >> >> >> the most likely case. This might be configured in the web.config >> >> >> or >> >> >> machine.config. >> >> >> >> >> >> Joe K. >> >> >> >> >> >> "Larry Martin" <LarryMar***@discussions.microsoft.com> wrote in >> >> >> message >> >> >> news:047A3A57-00A9-4724-AC89-05E27C54118D@microsoft.com... >> >> >> >I have a .NET web application that access the local file system >> >> >> >and >> >> >> >it >> >> >> >will >> >> >> > not run on Windows Server 2003. >> >> >> > >> >> >> > I have tried setting all of the security policies I can find, >> >> >> > changedf >> >> >> > the >> >> >> > permissions on the directories, made sure the dll's are fully >> >> >> > trusted, >> >> >> > given >> >> >> > the ASPNET account access to the directories and I still cannot >> >> >> > get >> >> >> > it >> >> >> > to >> >> >> > run. >> >> >> > >> >> >> > In this case it is trying to create a file. In another situation >> >> >> > it >> >> >> > is >> >> >> > simply testing to see if a directory exists and that also fails. >> >> >> > >> >> >> > The application runs fine on XP. >> >> >> > >> >> >> > I know this has to do with FileOPermission but I simply do not >> >> >> > know >> >> >> > why >> >> >> > Server 2003 will not allow the application to access the local >> >> >> > file >> >> >> > system. I >> >> >> > have spent the best part of an entire day trying to figure this >> >> >> > out >> >> >> > and >> >> >> > it >> >> >> > seems like a lot of time to waste on such a simple problem. >> >> >> > >> >> >> > [SecurityException: Request for the permission of type >> >> >> > System.Security.Permissions.FileIOPermission, mscorlib, >> >> >> > Version=1.0.5000.0, >> >> >> > Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.] >> >> >> > >> >> >> > System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet >> >> >> > grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, >> >> >> > PermissionToken permToken) +675 >> >> >> > System.Security.CodeAccessSecurityEngine.Check(PermissionToken >> >> >> > permToken, >> >> >> > CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 >> >> >> > checkFrames, >> >> >> > Int32 unrestrictedOverride) +0 >> >> >> > >> >> >> > System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission >> >> >> > cap, >> >> >> > StackCrawlMark& stackMark) +88 >> >> >> > System.Security.CodeAccessPermission.Demand() +62 >> >> >> > System.IO.FileInfo..ctor(String fileName) +129 >> >> >> > >> >> >> > SAIC.StandardClasses.Logging.Loggers.FileLogger.set_FilePath(String >> >> >> > value) in FileLogger.cs:317 >> >> >> > SAIC.StandardClasses.Logging.Loggers.FileLogger..ctor(String >> >> >> > _filePath, >> >> >> > String _outputPattern) in FileLogger.cs:158 >> >> >> > SAIC.StandardClasses.Logging.Logger.CreateFileLogger(String >> >> >> > _filePath, >> >> >> > String _outputPattern) in Logger.cs:459 >> >> >> > SAIC.StandardClasses.StandardLogger..ctor(String >> >> >> > strLoggerNamePassed) >> >> >> > in >> >> >> > StandardLogger.cs:37 >> >> >> > SUAR.Global.Application_Start(Object sender, EventArgs e) in >> >> >> > global.asax.cs:32 >> >> >> > >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> 
Other interesting topics
Changing folder security
RE: Designtime licenses, I just don't get it Custom principles and DnsPermission.Demand() X.509 certificates and httpwebrequest User's Privileges ?cannot be instantiated under a partially trusted security policy (AllowPartiallyTrustedCallersAttri Change in ASP.Net authentication between Win2000 and Win2003 Sharing Application and Session scope with ASP in IIS6 HELP Security in .Net framework revoke Windows authentication credentials for a session |
|||||||||||||||||||||||
