When you host a .NET application on a remote network share, you may receive a System.SecurityException exception error message or a security warning message.

The Code Access Security Policy tool (CASPOL) enables administrators to modify security policy for the machine policy level, the user policy level, and the enterprise policy level.

Table of Contents

    Caspol is used to fully trust a remote share, since by default network shares only get LocalIntranet permissions.

    Using Caspol.exe to Grant .NET Applications Rights to a Remote Network Share image 1

    The solution for the System.SecurityException exception error message is to use caspol to grant a .NET application the FullTrust right to a network share. To do this:

    1. Launch a command prompt with administrative credentials

    2. Change to the C:\Windows\Microsoft.NET\Framework\v2.0.50727 directory.

    3. Run the following command:

    caspol -m -ag 1 -url "file://\\server\share\*" FullTrust -exclusive on

    Replace \\server\share\ with the path to your .NET application located on the remote network share.

    Running the above command allowed me to resolve the following IIS 7.0 error:

    SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed

    By the way, .NET Framework 3.5 SP1 allows managed code to be launched from a network share.

    References:
    http://support.microsoft.com/?id=320268
    http://blogs.msdn.com/shawnfa/archive/2004/12/30/344554.aspx
    http://books.google.com/books?id=VJOtwMawoswC&pg=PA576&lpg=PA576&dq=iis+7.0+caspol.exe&source=bl&ots=W88GOo1Cfp&sig=U8sBtcNzbaSgPTghAp519S9O3sM&hl=en&ei=o1zSSeafEobmnQfHrbzlBQ&sa=X&oi=book_result&resnum=1&ct=result
    http://www.iislogs.com/articles/23/
    http://support.microsoft.com/kb/837909
    http://www.sharepointblogs.com/ssa/archive/2007/09/06/using-caspol-exe-to-add-assemblies-to-full-trust-assembly-list.aspx
    http://www.dotnetjunkies.ddj.com/quickstart/howto/doc/security/SecScripting.aspx

    Leave a Reply

    Your email address will not be published. Required fields are marked *