How to tell an XP workstation to trust an exe on a network share, and read envir variables

I have a .net 2.0 app that I developed in VisualStudio2005. It works fine when I run the exe locally on a workstation with WinXP SP2. But if I try to run the same app off of a network share on my local intranet, I get the following error (excerpt):
=======================================================
System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessPermission.Demand()
   at System.Windows.Forms.Application.Exit(CancelEventArgs e)
   at System.Windows.Forms.Application.Exit()
================================================
I found some info online which recommended that I run the following on the cmd line at the workstation:
C:\>cd c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727
caspol -m -cg LocalIntranet_Zone -allcode FullTrust
The above worked although I got a subsequent error (outlined farther below). Even if it had worked completely, Im not sure my data-security department will allow me to run this on all clients that need to access the exe. Id like to limit it to trust just to a particular network share (e.g. \\aserver\ashare$).
Second, even after I ran the caspol on the workstation, my code runs, but then I throw a subsequent error when trying to READ an environment variable. Here is my vb.net code

strFilePath = Environment.GetEnvironmentVariable("AnApp_CONFIG").ToUpper

Using .net 2.0, how do I configure the workstations so that they a) can run an executable on a network share and b) they allow that network-executable to read their local environment variables?
bobgato111Asked:
Who is Participating?
 
dhwanilshahCommented:
Try this -

%windir%\Microsoft.NET\Framework\v2.0.50727\caspol.exe -m -pp off -ag All_Code -url file://\\network-mac\share-fol\* FullTrust -exclusive on -name "MyTrustedApp"

-m = at machine level

-pp off = no prompting required

-ag All_Code = add a new code-group under All_Code code-group

-url file://\\network-mac\share-fol\* = membership condition of the new code-group should be " any code executing from the mentioned url path "

FullTrust = full trust to be assigned to any code that matches the earlier mentioned membership condition

-exclusive on = apply rights from only this code-group ( if it matches ) ---- do not consider any other code-groups ( normally, there is a union of rights between code groups at same level )

-name "MyTrustedApp" = name of the new code-group
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.