none
CAS problem with an ASP.NET application RRS feed

  • Question

  • Hi, 

    I have an ASP.NET application that is running under a custom created trust level.  The trust level specified that the asp.net application can only write to c:\inetpub\temp.  The restriction is working fine, however there is a situation where I have to write a log to the root c:\ drive.  I don't want to change the config file for the trust level, I just want to assert the permission in code where I need it, then revert it back.  So I have code like:

    FileIOPermission perm = new FileIOPermission(FileIOPermissionAccess.AllAccess, @"c:\");

    perm.Assert();

    File.CreateText(@"c:\somefile.txt");

    But that doesn't work.  I keep getting a security exception saying I don't have the FileIOPermission I need to create the text file.  If I add the root c:\ drive to the FileIOPermission declaration in the config file, it works fine.  

    What am I doing wrong with the code?

    Thanks, 

    Jeff 
    Tuesday, September 16, 2008 12:57 PM

Answers

  • You can't obtain permissions in code that aren't granted, that would defeat the idea of CAS. 
    Hans Passant.
    • Marked as answer by Zhi-Xin Ye Monday, September 22, 2008 7:36 AM
    Thursday, September 18, 2008 2:26 PM
    Moderator

All replies

  • You are probably missing the step where the sysadmin actually grants the permission.  Check this article for a nice write-up.
    Hans Passant.
    Tuesday, September 16, 2008 7:55 PM
    Moderator
  • Are you talking about setting the Assertion flag on the SecurityPermission?  If so I have already done that.  The Assert() statement doesn't work even though I have permission to assert.  It's as if my security settings from the asp.net trust file refuse to be overridden in code. 
    Thursday, September 18, 2008 11:44 AM
  • You can't obtain permissions in code that aren't granted, that would defeat the idea of CAS. 
    Hans Passant.
    • Marked as answer by Zhi-Xin Ye Monday, September 22, 2008 7:36 AM
    Thursday, September 18, 2008 2:26 PM
    Moderator