Does being in the GAC grant fulltrust? RRS feed

  • Question

  • Hello.

    First question - are all assemblies in the GAC trusted in XP?

    As it seems OracleDataAccess is not despite being in the GAC?!?!

    If I open the .Net Configuration tool (1.1) and view the Policy Assemblies under the Runtime Security Policy (Machine), I don't see Oracle.DataAccess. 

    We have an application that references this assembly but fails when trying to use Oracle.DataAccess. If add Oracle.DataAccess to the Policy Assemblies the app works as I assume that the ODA assembly is now being evaluated and granted fulltrust. Is this normal or should the Oracle Client install grant full trust to this assembly?

    Is it only Microsoft Assemblies granted full trust even if a third party assembly us in the GAC?
    Sunday, December 6, 2009 8:37 AM


  • Hello,

    the CLR gathers evidences,  and if the evidences satisfy the rules set up in the .NET framework's configuration it grants permissions (an evidence could be the location of the assembly, a digital signature or a URL, etc.) All assemblies on your hard drive execute with FullTrust by default, the GAC makes no exception unless you modified the default permission sets. But the CLR grants permissions according to an intersection of permissions given at different levels. In your case, Oracle.DataAccess has FullTrust because of the My_Computer_Zone code group, but it is executing with restricted permissions because it contains security objects not deployed with the .NET Framework. You have to add Oracle.DataAccess to the list of trusted Policy Assemblies (mscorcfg.msc) to fully trust it.


    • Marked as answer by eryang Monday, December 14, 2009 3:27 AM
    Sunday, December 6, 2009 6:39 PM