Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Required permissions cannot be acquired.

Posted on 2006-11-20
4
Medium Priority
?
460 Views
Last Modified: 2008-02-01
My Hosting company had applied a security update has been applied to the wev server that has affected my ASP.NET 2.0 code. They are telling me that "inorder to  my  DLLs will need to be modified to use the AllowPartiallyTrustedCallersAttribute class and republished.


They have provided me with the following link for more details on this attribute.
http://msdn2.microsoft.com/en-us/library/system.security.allowpartiallytrustedcallersattribute(VS.80).aspx 


Can any one advice what exactly  i need to do get this working at my end.


0
Comment
Question by:GSK_DEV
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
alecpotts earned 2000 total points
ID: 17985950
Hi,

Allowing partially trusted callers on all of your code is a huge security risk. You should only use it with caution, and if absolutely necessary....and if you're sure your code is secure enough and has been through a thorough review...! Have they explained to you exactly WHY this is now necessary??

If I were you, I would seriously consider getting a new hosting company...!!

Some info on partial trust code / environments and risks here:

http://blogs.msdn.com/shawnfa/archive/2005/02/04/367390.aspx

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dv_vstechart/html/vbtchSecurityConcernsForVisualBasicNETProgrammers.asp

http://msdn2.microsoft.com/en-gb/library/ms182297(VS.80).aspx

(see section on APCTA - Allow Partially Trusted Callers Attribute)
http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.NETFramework2SecurityChecklist

It sounds like they don't really understand what they're a) doing or b) asking of you. If you DO understand all of the risks and everything else and want to go ahead anyway, what you need to do is add the attribute, above your namespace declaration and below your using statements. It's it the System.Security namespace so you'll need that too..

....
using System.Security;

[assembly:AllowPartiallyTrustedCallers]
.....

Some more info here:
http://vishalsreddy.wordpress.com/tag/aspnet/c/

Hope that helps...
Regards
Alec

0
 
LVL 3

Expert Comment

by:alecpotts
ID: 18027649
Hi GSK_DEV,

Any joy with that??

Alec
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In .NET 2.0, Microsoft introduced the Web Site.  This was the default way to create a web Project in Visual Studio 2005.  In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Si…
ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question