Hi – I am new to .net security. I am following Mastering visual C#.net book to learn it.I have the following program in Visual Studio 2008.

using System;
using System.IO;
using System.Security.Permissions;
[assembly:FileIOPermissionAttribute(SecurityAction.RequestMinimum,
All=@”c:\\temp”)]
class Example19_1
{
public static void Main()
{
// Create a new file to work with
FileStream fsOut = File.Create(@”c:\\temp\\test.txt”);
// Create a StreamWriter to handle writing
StreamWriter sw = new StreamWriter(fsOut);
// And write some data
sw.WriteLine(“‘Twas brillig, and the slithy toves”);
sw.WriteLine(“Did gyre and gimble in the wabe.”);
sw.Flush();
sw.Close();
}
}

Then, created permission and code group to restrict the FILE IO and I enabled JIT debugger on visual studio. When I start run the exe file from command prompt, JIT debugger did not pop up with the message

Unhandled Exception: System.Security.Policy.PolicyException:
Required permissions cannot be acquired.

As the book says and JIT compiler didn’t even start up. Please direct me on this. Thanks!

Two suggestions: 1/ step through it with the debugger, and 2/ put a try/catch structure in there and place a breakpoint inside the catch block.

Thanks for the suggestion. But I have got the code executed well and stored the string result in text.txt in the specified directory.

I guess I didn't provide more details. I am trying to provide runtime security by FileIOPermission attribute and created permission and codegroup to restrict the write permission on File IO.

But the test.txt gets updated with string after I set the permission and code group to restict write permission.
Can anyone guide me on this? Is there any place do I need to specify on my C# program to use the permission attribute tha I mentioned on the program?

Edited 4 Years Ago by madhan

I don't get why is the assembly still gets full permission when I execute. Please help me ASAP.

Can you manually (using Notepad, for instance) access and modify that file in that protected folder location? If so, you will have proved that it has nothing to do with your program. If so, that will simplify your search for the problem. And, if not, it will confirm that the problem does have something to do with your program. Either way, you will cut down on the number of possible culprits.

Thanks for the directions. I have added some restrictive permission (to allow only read permission on a folder) on a user account.

So,at this point when I run the program it says runtime error "access to the path is denied"

my goal is to provide the full access to the user using .net program.

the things I have tried so far to make it work is follows:

1.I have created the full permission using caspol.exe

2.created full permission using .net framework 2.0 configuration tools - user - permission set and code group for DLL using hash

  1. created like 2 step with DLL strong name and added full trust

those three steps didn't work for me to provide full permission on the program.

I will explain the steps I did with caspol.exe.

  1. caspol -u -ag All_Code -url
    E:\test\* FullTrust -n "MyCodeGroup"

2.in the config tool,checked "This policy level will only hace the permission from the permission set....."

memeber condition URL "E:\test"

permission set : fullTrust

after this steps, still I don't see the full permission on the program.

I have program now as

[assembly:FileIOPermissionAttribute(SecurityAction.RequestMinimum,ViewAndModify="E:\\test\\text.txt")]
...

 FileStream fsOut = File.Open(@"E:\\test\\text.txt", FileMode.Open, FileAccess.ReadWrite);
 //exception: access to the path is denied always

StreamWriter sw = new StreamWriter(fsOut);
    sw.WriteLine("'Twas brillig, and the slithy toves");
        sw.WriteLine("Did gyre and gimble in the wabe.");
        sw.Flush();
        sw.Close();

I have been working on this one for 8 hrs and researched and learned a lot. But still it is not working. I hope I have provided more details here to get the help form you. in he program, I added a commented out the error exception that I receive. What am I missing here, please?

Edited 4 Years Ago by madhan

Can anyone please help me on this? I am using visual studio 2008.and .net 2.0 configuration tool to set code access security policy. if you ned more info other than the things provided above, please let me know.

This article has been dead for over six months. Start a new discussion instead.