Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Security policy error

Posted on 2006-11-02
13
Medium Priority
?
275 Views
Last Modified: 2008-03-17
I was getting a security error when trying to shell or use Process.Start to run an external program.  This happened when I tried to run it from a network drive.  After giving 'Local Intranet' full trust in the .NET configuration, then it worked, but now when I compile the program and run it from another workstation (launching it from a network drive), I get the following error:

"Application attempted to perform an operation not allowd by the security policy..."

I'm sure I can change the .NET config to make it work (just like what I did on my workstation), but there must be a way in Visual Studio to turn off whatever is causing this.  The program must be saying "don't launch a program if it's not from a trusted site."  Does anyone know what I need to do to disable this?

Thanks for the help!
BPL
0
Comment
Question by:bpl5000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
13 Comments
 
LVL 10

Expert Comment

by:Kinger247
ID: 17859723
Hi bpl5000, just for a quick test can you select the security tab in 'My Project'. Then select 'Enable ClickOnce Security Settings' - make sure the 'This is a full trust application' is selected. And see if this works for you .
0
 
LVL 5

Author Comment

by:bpl5000
ID: 17859795
I already tried the 'Enable ClickOnce Security Settings" with full trust, but it didn't work.  When running it within the studio, as soon as it tries to launch the external program, it gives the error:

"Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed."

But I can change the Local Intranet to Full Trust in the .NET config on my PC and it works.  Any other ideas?
0
 
LVL 10

Accepted Solution

by:
Kinger247 earned 2000 total points
ID: 17861639
As I understand it, the most restrictive will apply with permissions.

We've tried 2 things here:

1. Configuring your machine to make an external assembly safe to run on your machine, and so override the applications permissions whatever they are.

2. Make an application instruct your machine that its safe to run on your machine.

Number 2 is a terrible floor, as that means all rogue apps will execute on your files !

So I reckon number 1 is your only option :)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Author Comment

by:bpl5000
ID: 17862630
Ok, but I'm not concerned about having the app run on my computer... I'm concerned about having it run on the PC's in our network when launched from the network.  Before when I was using VB6, all I had do is compile it and it worked no matter when I launched it from.

With that said, will option 1 or 2 allow me to do what I want to do, or will this just allow me to run it on my PC?
0
 
LVL 10

Expert Comment

by:Kinger247
ID: 17863179
Just one last final question .. when you run the application from the network, how have you saved the files to the network ?
Are they published ?  if not try that.
0
 
LVL 5

Author Comment

by:bpl5000
ID: 17863479
It does work if I publish, but then I have to run a setup.exe file that brings up a "Launching Application" box and in the box is says "Verifying application requirements. This may take a few minutes."

Maybe I should explain what it is I want to do.  I am making an app that will give a choice to launch several programs.  Just for an example, lets say the programs are notepad.exe, calc.exe and sol.exe.  There is a button on the form for each program... press the button and the program launches.

Everything works fine until the external program is about to launch.  Then the program says OH MY GOD... BIG SECURITY POLICY VIOLATION HERE!  I don't get it and it's sooooooooo frustrating.  All I want to do is make a simple app that will execute external programs.  Of course if I run the program from my hard drive, it works fine.
0
 
LVL 11

Expert Comment

by:melmers
ID: 17864405
Have you tried to map the networkpath to a Driveletter ?
Is yout Network running in a Workgroupenvironment or are you running a domain server with Activedirectory?
0
 
LVL 10

Expert Comment

by:Kinger247
ID: 17865099
Ah, then its the setup thats activating the use your application from a network share.
So like I said earlier as point (1) Configuring your machine to make an external assembly safe to run on your machine, and so override the applications permissions whatever they are.

Is creating and using a setup so bad ?

I see your frustration, but then with the new security structure in .net I see the reasons why this needs to be done. Otherwise any malicious app would be able to run on your machine and download and run others without you knowing.
0
 
LVL 5

Author Comment

by:bpl5000
ID: 17865881
melmers, it is a mapped drive in a workgroup environment.

Kinger, as for point (1), that would fix it on my PC only, correct?

The other thing that I should note is that I wrote the app in VB6 and it worked fine so I don't see how it promotes security?  If this is suppose to stop people from running malicius apps, then it doesn't work because they can write their apps in VB6 or any other non .net language.

I really think there is some setting in Visual Studio that I need to disable.
0
 
LVL 10

Expert Comment

by:Kinger247
ID: 17866246
Vb6 has little or no security it runs on the operating-sys where as .net apps work on the net-clr platform.
Point(1) will work for all stations but you'll need to perform the config on all stations - as they have .net installed.

If there is a setting somewhere I'd be very suprised indeed !
0
 
LVL 5

Author Comment

by:bpl5000
ID: 17874546
Well I can't seem to find any setting so I think you are right Kinger.  Looks like I can solve the problem by pushing out the following command to all my workstations:

CasPol.exe -q -m -ag 1.2 -url file://Server/Share* FullTrust -name "Network1"

The "-ag 1.2" refers to the Local Intranet.  If I wanted to trust all shares on the network, I could run

CasPol.exe -q -m -ag 1.2 -url file://* FullTrust -name "Network1"

Thanks for the help Kinger!
0
 
LVL 5

Author Comment

by:bpl5000
ID: 17874552
I made a mistake in my last post... there should be a "/" after "file://Server/Share".  It should look like this:

CasPol.exe -q -m -ag 1.2 -url file://Server/Share/* FullTrust -name "Network1"
0
 
LVL 10

Expert Comment

by:Kinger247
ID: 17875790
no problem ;)
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to create and use a custom WaterMark textbox class.  The custom WaterMark textbox class allows you to set the WaterMark Background Color and WaterMark text at design time.   IMAGE OF WATERMARKS STEPS Create VB …
Article by: jpaulino
XML Literals are a great way to handle XML files and the community doesn’t use it as much as it should.  An XML Literal is like a String (http://msdn.microsoft.com/en-us/library/system.string.aspx) Literal, only instead of starting and ending with w…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question