test your medium trust config

need some help with a .net 2 secure email script that i've got. i get this message

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.


here is the code i'm running.

Code:
private void SendSecureEmailTest(string senderEmail, string senderName, string recipientEmail, string recipientName, string subject, string body, string host)
{
    // get cert
    X509Certificate2 cert = new X509Certificate2("D:\\hshome\\munch\\tigerfish.com.au\\ssl\\tigerderx509.cer");
    CmsRecipient cmsRecipient = new CmsRecipient(SubjectIdentifierType.IssuerAndSerialNumber, cert);

    // get bytes
    UTF8Encoding encoding = new UTF8Encoding();
    byte[] msgBytes = encoding.GetBytes(body);

    // encrypt
    ContentInfo contentInfo = new ContentInfo(msgBytes);
    EnvelopedCms envelopedCms = new EnvelopedCms(contentInfo);
    envelopedCms.Encrypt(cmsRecipient);
    byte[] encodedMsgBytes = envelopedCms.Encode();

    // send
    using (MemoryStream contentStream = new MemoryStream(encodedMsgBytes))
    {
        AlternateView encryptedBody = new AlternateView(contentStream, "application/x-pkcs7-mime;smime-type=enveloped-data;name=smime.p7m;");
        encryptedBody.TransferEncoding = TransferEncoding.Base64;

        using (MailMessage message = new MailMessage(new MailAddress(senderEmail, senderName, Encoding.UTF8), new MailAddress(recipientEmail, recipientName, Encoding.UTF8)))
        {
            message.Subject = subject;
            message.BodyEncoding = Encoding.UTF8;
            message.SubjectEncoding = Encoding.UTF8;
            message.AlternateViews.Add(encryptedBody);
            message.Headers.Add("content-disposition", "attachment;filename=\"smime.p7m\"");

            SmtpClient client = new SmtpClient(host);
            client.Send(message);
        }
    }
}


please help
 
If you want the ability to develop both full trust and medium (JodoHost compatible) applications, you could do the following:

Machine level web.config:
Code:
<location allowOverride="true">
    <system.web>
        <securityPolicy>
            <trustLevel name="Full" policyFile="internal" />
            <trustLevel name="High" policyFile="web_hightrust.config" />
            <trustLevel name="Medium" policyFile="web_mediumtrust.config" />
            <trustLevel name="Low"  policyFile="web_lowtrust.config" />
            <trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
            <trustLevel name="JodoHost" policyFile="jodohost.config" />
        </securityPolicy>
        <trust level="Full" originUrl="" />
    </system.web>
</location>

Instead of overriding the current Medium trust I define a new one. I leave standard trust on full and still allow override.

In my JodoHost targeted App's Web.config I do the following:
Code:
<configuration>
	<system.web>
		<trust level="JodoHost" originUrl=""/>
	</system.web>
</configuration>

If you really don't want to edit the machine level config you could do it all at the application level, but jodohost.config would have to be in the same directory:
Code:
<configuration>
	<system.web>
		<securityPolicy>
			<trustLevel name="JodoHost" policyFile="jodohost.config" />
		</securityPolicy>
		<trust level="JodoHost" originUrl=""/>
	</system.web>
</configuration>

jodohost.zip
 
I assume using System.Security.Cryptography.X509Certificate2 is out of the question at shared servers. It does require a patch http://support.microsoft.com/kb/915980/en-us or a FullTrust.

That’s unfortunate. I was hoping to integrate an encrypted forms generator for PayPal shopping cart but could not make it work here. :( Wonder if anyone tried that at all at Jodo shared servers…
 
That'd be great. Thanks! :))

While we are at it.. could you also see if win23 has OpenSSL support for PHP.. just in case .NET hotfix would not work out so I may try to settle with PHP based solution.
 
I have a requirement of the client to use ABCPDF.Net in the application. And I assume this requires Full Trust and also ASPNET /IUSER Permissions on the two DLL's and also the folder where it will convert it to PDF.

However when I host it on this server I get the below error :

[PolicyException: Required permissions cannot be acquired.]

System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Boolean checkExecutionPermission) +2770052

System.Security.SecurityManager.ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, PermissionSet& denied, Int32& securitySpecialFlags, Boolean checkExecutionPermission) +57

Can anyone help me regarding this OR I cannot use ABCPDF.NET on LiteHost..

Atul
 
Hello, i just configure my machine just like the jodo host support team told me, and now I am getting this error.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

please help, I am developing in ASP.NET using C#
If I put the original configuration it works fine, the scenario is as follows:

System.Drawing.Image img = System.Drawing.Image.FromFile(path);
:( thanks for any help
 
this error normally comes when you use a path like d:\hshome in the physical way instead of using the virtual path like /upload/file.jpg (for example)
 
using this basic code im getting permission errors described above:

private string txtFile = "/includes/text.txt";

TextWriter tw = new StreamWriter(Server.MapPath(txtFile), false);
tw.WriteLine(this.editor.Value);
tw.Close();


What am i doing wrong here?
 
Hi Stephen, hope you're fine!
I'm writing you because I was reading your post about trust level and I followed all the steps you said, but when I put this
----------------------------------
<location allowOverride="false">
    <system.web>
        <securityPolicy>
            <trustLevel name="Full" policyFile="internal" />
            <trustLevel name="High" policyFile="web_hightrust.config" />
            <trustLevel name="Medium" policyFile="mediumtrust.config" />
            <trustLevel name="Low" policyFile="web_lowtrust.config" />
            <trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>
        </securityPolicy>
    </system.web>
</location>

<location allowOverride="false">
    <system.web>
        <trust level="Medium" originUrl="" />
    </system.web>
</location>
----------------------------------------

on the web.config and then compile I get this error:

The entry 'Medium' has already been added :( ?(

Please, could you help me? It's very important to me to solve this problem ASAP
Thank you very much!
Mónica


====================================================





Here is the file in Text form:
Code:
<configuration>
    <mscorlib>
        <security>
            <policy>
                <PolicyLevel version="1">
                    <SecurityClasses>
                        <SecurityClass Name="AllMembershipCondition" Description="System.Security.Policy.AllMembershipCondition, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="AspNetHostingPermission" Description="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="ConfigurationPermission" Description="System.Configuration.ConfigurationPermission, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
                        <SecurityClass Name="DnsPermission" Description="System.Net.DnsPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="EnvironmentPermission" Description="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="FileIOPermission" Description="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="FirstMatchCodeGroup" Description="System.Security.Policy.FirstMatchCodeGroup, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="IsolatedStorageFilePermission" Description="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="NamedPermissionSet" Description="System.Security.NamedPermissionSet"/>
                        <SecurityClass Name="PrintingPermission" Description="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
                        <SecurityClass Name="ReflectionPermission" Description="System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="RegistryPermission" Description="System.Security.Permissions.RegistryPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="SecurityPermission" Description="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="SmtpPermission" Description="System.Net.Mail.SmtpPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="SocketPermission" Description="System.Net.SocketPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="SqlClientPermission" Description="System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="StrongNameMembershipCondition" Description="System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="UnionCodeGroup" Description="System.Security.Policy.UnionCodeGroup, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="UrlMembershipCondition" Description="System.Security.Policy.UrlMembershipCondition, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="WebPermission" Description="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="ZoneMembershipCondition" Description="System.Security.Policy.ZoneMembershipCondition, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="OleDbPermission" Description="System.Data.OleDb.OleDbPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="OdbcPermission" Description="System.Data.Odbc.OdbcPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                        <SecurityClass Name="OraclePermission" Description="System.Data.OracleClient.OraclePermission, System.Data.OracleClient, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                    </SecurityClasses>
                    <NamedPermissionSets>
                        <PermissionSet
                                class="NamedPermissionSet"
                                version="1"
                                Unrestricted="true"
                                Name="FullTrust"
                                Description="Allows full access to all resources"
                        />
                        <PermissionSet
                                class="NamedPermissionSet"
                                version="1"
                                Name="Nothing"
                                Description="Denies all resources, including the right to execute"
                        />
                        <PermissionSet
                                class="NamedPermissionSet"
                                version="1"
                                Name="ASP.Net">
                            <IPermission
                                    class="AspNetHostingPermission"
                                    version="1"
                                    Level="High"
                            />
                            <IPermission
                                    class="ConfigurationPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="DnsPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="EnvironmentPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="FileIOPermission"
                                    version="1"
                                    Read="$AppDir$"
                                    Write="$AppDir$"
                                    Append="$AppDir$"
                                    PathDiscovery="$AppDir$"
                            />
                            <IPermission
                                    class="IsolatedStorageFilePermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="PrintingPermission"
                                    version="1"
                                    Level="DefaultPrinting"
                            />
                            <IPermission
                                    class="ReflectionPermission"
                                    version="1"
                                    Flags="ReflectionEmit"
                            />
                            <IPermission
                                    class="RegistryPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="SecurityPermission"
                                    version="1"
                                    Flags="Assertion, Execution, ControlThread, ControlPrincipal, RemotingConfiguration"
                            />
                            <IPermission
                                    class="SmtpPermission"
                                    version="1"
                                    Access="Connect"
                            />
                            <IPermission
                                    class="SocketPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="SqlClientPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="WebPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="OleDbPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="OdbcPermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                            <IPermission
                                    class="OraclePermission"
                                    version="1"
                                    Unrestricted="true"
                            />
                        </PermissionSet>
                    </NamedPermissionSets>
                    <CodeGroup
                            class="FirstMatchCodeGroup"
                            version="1"
                            PermissionSetName="Nothing">
                        <IMembershipCondition
                                class="AllMembershipCondition"
                                version="1"
                        />
                        <CodeGroup
                                class="UnionCodeGroup"
                                version="1"
                                PermissionSetName="ASP.Net">
                            <IMembershipCondition
                                    class="UrlMembershipCondition"
                                    version="1"
                                    Url="$AppDirUrl$/*"
                            />
                        </CodeGroup>
                        <CodeGroup
                                class="UnionCodeGroup"
                                version="1"
                                PermissionSetName="ASP.Net">
                            <IMembershipCondition
                                    class="UrlMembershipCondition"
                                    version="1"
                                    Url="$CodeGen$/*"
                            />
                        </CodeGroup>
                        <CodeGroup class="UnionCodeGroup" version="1" PermissionSetName="Nothing">
                        	<IMembershipCondition
                                class="ZoneMembershipCondition"
                                version="1"
                                Zone="MyComputer" />
                            <CodeGroup
                                    class="UnionCodeGroup"
                                    version="1"
                                    PermissionSetName="FullTrust"
                                    Name="Microsoft_Strong_Name"
                                    Description="This code group grants code signed with the Microsoft strong name full trust. ">
                                <IMembershipCondition
                                        class="StrongNameMembershipCondition"
                                        version="1"
                                        PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010007D1FA57C4AED9F0A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C834C99921EB23BE79AD9D5DCC1DD9AD236132102900B723CF980957FC4E177108FC607774F29E8320E92EA05ECE4E821C0A5EFE8F1645C4C0C93C1AB99285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF0FC4963D261C8A12436518206DC093344D5AD293"
                                />
                            </CodeGroup>
                            <CodeGroup
                                    class="UnionCodeGroup"
                                    version="1"
                                    PermissionSetName="FullTrust"
                                    Name="Ecma_Strong_Name"
                                    Description="This code group grants code signed with the ECMA strong name full trust. ">
                                <IMembershipCondition
                                        class="StrongNameMembershipCondition"
                                        version="1"
                                        PublicKeyBlob="00000000000000000400000000000000"
                                />
                            </CodeGroup>
                        </CodeGroup>
                    </CodeGroup>
                </PolicyLevel>
            </policy>
        </security>
    </mscorlib>
</configuration>
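
The posted policy file has no entry for KeyContainerPermission and limits FileIOPermission to $AppDir$, which matches two of the errors reported in this thread. As an added example (not part of the original post and not JodoHost's own tooling), this C# console program looks up the permission named in a SecurityException message in a policy file; the class and method names are hypothetical and the embedded policy is a constructed, cut-down sample of the file above.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;
using System.Xml;

// Added example: explains a SecurityException by looking the permission up in a policy file.
// Assumes permissions are referenced by SecurityClass short name, as in the posted file.
static class TrustPolicyCheck
{
    // Constructed sample: a cut-down copy of the policy structure posted above.
    const string SamplePolicy = @"<configuration><mscorlib><security><policy><PolicyLevel version='1'>
<SecurityClasses>
  <SecurityClass Name='FileIOPermission' Description='System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'/>
  <SecurityClass Name='SmtpPermission' Description='System.Net.Mail.SmtpPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'/>
</SecurityClasses>
<NamedPermissionSets>
  <PermissionSet class='NamedPermissionSet' version='1' Name='ASP.Net'>
    <IPermission class='FileIOPermission' version='1' Read='$AppDir$' Write='$AppDir$' Append='$AppDir$' PathDiscovery='$AppDir$'/>
    <IPermission class='SmtpPermission' version='1' Access='Connect'/>
  </PermissionSet>
</NamedPermissionSets>
</PolicyLevel></policy></security></mscorlib></configuration>";

    // Pulls the full type name out of "Request for the permission of type '<type>, <assembly>, ...' failed."
    static string PermissionTypeFromMessage(string message)
    {
        Match m = Regex.Match(message, @"permission of type '([^',]+)");
        return m.Success ? m.Groups[1].Value.Trim() : null;
    }

    static string Explain(string policyXml, string setName, string exceptionMessage)
    {
        string wanted = PermissionTypeFromMessage(exceptionMessage);
        if (wanted == null) return "No permission type found in message.";

        XmlDocument doc = new XmlDocument();
        doc.LoadXml(policyXml);

        // SecurityClass maps the short name used by <IPermission class=...> to a full type name.
        string shortName = null;
        foreach (XmlElement sc in doc.SelectNodes("//SecurityClasses/SecurityClass"))
        {
            string typeName = sc.GetAttribute("Description").Split(',')[0].Trim();
            if (typeName == wanted) shortName = sc.GetAttribute("Name");
        }
        if (shortName == null)
            return wanted + ": no SecurityClass entry in this policy file, so set '" + setName + "' does not grant it.";

        XmlNode perm = doc.SelectSingleNode(
            "//NamedPermissionSets/PermissionSet[@Name='" + setName + "']/IPermission[@class='" + shortName + "']");
        if (perm == null)
            return wanted + ": declared but not granted by set '" + setName + "'.";

        XmlElement e = (XmlElement)perm;
        if (e.GetAttribute("Unrestricted") == "true")
            return wanted + ": granted unrestricted; look for a different cause.";

        // Restricted grant: the demand failed for a resource outside these limits.
        List<string> limits = new List<string>();
        foreach (XmlAttribute a in e.Attributes)
            if (a.Name != "class" && a.Name != "version") limits.Add(a.Name + "=" + a.Value);
        return wanted + ": granted only for " + string.Join(", ", limits.ToArray()) + ".";
    }

    static void Main()
    {
        // The two exception messages quoted in this thread.
        string[] messages = {
            "Request for the permission of type 'System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.",
            "Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed."
        };
        foreach (string msg in messages)
            Console.WriteLine(Explain(SamplePolicy, "ASP.Net", msg));
    }
}
```

To check a real file, pass the contents of the policy file named in the `policyFile` attribute of the active `trustLevel` instead of the sample string.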
 
Now it shows this error

Error 1 Unable to read the security policy file for trust level 'Medium'.

:(

Is anybody there?;(
help please
 
ok i got the jodomediumtrust in iis on local...

there's a control that doesn't work here, but does on the jodo hosted site?

asp::image i believe... will only work under full trust, here locally.

how to troubleshoot this?

edit
actually it's this:
Code:
<div class="buttonbar buttonbar-top">
    <a href="Portfolio.aspx"><asp:image ID="Image1" runat="Server" skinid="gallery" /></a>
    &nbsp;&nbsp;&nbsp;&nbsp;
    <asp:ImageButton ID="ImageButton9" Runat="server" CommandName="Page" CommandArgument="First" skinid="first"/>
    <asp:ImageButton ID="ImageButton10" Runat="server" CommandName="Page" CommandArgument="Prev" skinid="prev"/>
    <asp:ImageButton ID="ImageButton11" Runat="server" CommandName="Page" CommandArgument="Next" skinid="next"/>
    <asp:ImageButton ID="ImageButton12" Runat="server" CommandName="Page" CommandArgument="Last" skinid="last"/>
</div>
/edit
 
is 'AllowPartiallyTrustedCallersAttribute' enabled on jodo sites? is that why my local copy is failing and not the remote site hosted on jodo?

edit
mmmph nvm think i found it
/edit
 
AllowPartiallyTrustedCallersAttribute this is a setting that needs to be made on a per DLL level, it is the compiled DLLs that sometimes do not allow such.
 
thank you

yes i figured that out (eventually :/ )

but i don't have any .dll's :/

anyway, it works just fine on jodohost, at worst i can just do it in full trust locally and see if anything breaks when i upload it...

i wanted to duplicate the production env though :/

well good thing i don't make my living coding :)

thanks again
 