Code Access Security problem after use SmartAssembly

tannereltannerel Posts: 3
edited September 28, 2010 11:18AM in SmartAssembly 5
Dear after using smart assembly on a .NET 4.0 project we get following error :

Attempt by security transparent method 'SDWorx.GO.BBX.Client.Shell.App.RunInDebugMode(System.String[])' to access security critical method 'System.AppDomain.add_UnhandledException(System.UnhandledExceptionEventHandler)' failed.

Assembly 'SDWorx.GO.BBX.Client.Shell, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' is marked with the AllowPartiallyTrustedCallersAttribute, and uses the level 2 security transparency model. Level 2 transparency causes all methods in AllowPartiallyTrustedCallers assemblies to become security transparent by default, which may be the cause of this exception.
Can we fix this ?

Comments

  • Hello Thomas,

    Admittedly I don't have a lot of experience with code access policy, but from what I understand, you have an assembly that calls SDWorx.GO.BBX.Client.Shell, or you have embedded 'SDWorx.GO.BBX.Client.Shell in your SA-protected assembly. You are probably using exception handling in the SA Project, and this is implementing an unhandled exception handler.

    The error message itself seems to be new to .NET 4 because of a change in the security model. If this is a web application, you can add this line to web.config under System.Web:<trust legacyCasModel = "True" level="Full" />. If this is not a web application, please let me know.
  • Dear,

    It.s a WPF application.

    Indeed we are listing to the unhandeld eventhandler.

    Greetz
    Thomas Annerel
  • Hi Thomas,

    I tried to reproduce this, but it's not happening. Using VS2010, I create a WPF application and implement an unhandled exception handler right before InitializeComponent and the assembly runs without incident. If I throw an exception, the SA dialogue displays.

    I'm at a loss. Can you please send the assembly(ies) to support@red-gate.com?
  • Logically speaking, I think marking the method as Security-Critical may make this work.
    &#91;SecurityCriticalAttribute&#40;&#41;&#93;
    RunInDebugMode&#40;System.String&#91;&#93; myStringArray&#41;
    &#123;
    ...
    &#125;
    

    Are you sure this worked before processing with SmartAssembly?
  • I think that we have come to a conclusion about this, and that is that upgrading a .NET assembly from runtime v2 to runtime v4 that has code access security applied needs to be re-evaluated before running it through SmartAssembly. Because the code access security model has changed, things like assembly attribute "AllowPartiallyTrustedCallers" stop working on protected assemblies and there is no "magic bullet" that will make SmartAssembly work when CASPOL has determined that a SmartAssembly code modification violates a policy.

    You can either use v4 security attribues or v2 security attributes, but using v2 attributes and then trying to run the assembly in v4 will cause problems.
Sign In or Register to comment.