Hi, I'm using open source CMS called N2 that uses Castle and I've run across a strange bug when deploying to my hosting provider.
My host uses this setting in their Medium Trust config file: <IPermission class="SecurityPermission" version="1" Flags="Assertion, Execution, ControlThread, ControlPrincipal, RemotingConfiguration, SerializationFormatter" /> as opposed to the .NET standard <IPermission class="SecurityPermission" version="1" Flags="Assertion, Execution, ControlThread, ControlPrincipal, RemotingConfiguration" /> and this is the exception I get --- stack trace --- Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [SecurityException: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.] System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0 System.Security.CodeAccessPermission.Demand() +58 System.Reflection.RuntimeConstructorInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) +116 Castle.MicroKernel.ComponentActivator.DefaultComponentActivator.FastCreateInstance(Type implType, Object[] arguments, Type[] signature) +81 Castle.MicroKernel.ComponentActivator.DefaultComponentActivator.CreateInstance(CreationContext context, Object[] arguments, Type[] signature) +174 --- end stack trace --- But shouldn't the SerializationFormatter flag grant me _more_ access not less? Is this a bug in Castle.MicroKernel? Any idea how to work around this? Best Regards, /Patrick Rundin To reproduce: Checkout http://n2cms.googlecode.com/svn/trunk/ and follow the build instructions. Fire up N2.Template.Mvc project from the output directory and set up a SQL Server database. Install the site by browsing to [hostname]/n2/installation After sucessfull setup enable medium trust in web.config by adding <system.web> <trust level="Medium" originUrl=""/> </system.web> and adding the SerializationFormatter flag to the <IPermission class="SecurityPermission" row in C:\Windows\Microsoft.NET\Framework \v2.0.50727\CONFIG\web_mediumtrust.config -- You received this message because you are subscribed to the Google Groups "Castle Project Development List" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/castle-project-devel?hl=en.
