In answering your question, I have to make a couple of assumptions. The first is that you plan to distribute your application to other users. The second is that you will not have administrative control over your users' machines.
As you have indirectly discovered, code that executes from a file share has fewer privileges (by default) than code that executes from the local hard drive. This is called Code Access Security. Unless your users change the default security settings for the framework, your code will not work. You should either install the utility object to the users hard drive or not use the registry. You may wish to spend some quality time with the .NET Framework configuration tool and the help files to get a better understanding of the intricacies of CAS. -----Original Message----- From: Jay Ayliff [mailto:[EMAIL PROTECTED]] Sent: Monday, June 24, 2002 10:04 AM To: [EMAIL PROTECTED] Subject: [DOTNET] Security Problems with Dynamically Loaded Assemblies Hi List, I am encountering interesting security problems with my VB.NET application. I have an MDI form that instantiates a utility object for things like program load, message passing, etc. The MDI form uses System.Reflection.Assembly.LoadFrom() to dynamically load an assembly off a server. This is connected to the utility object and calls various methods on it. I get an error thrown when the loaded assembly calls a method on the utility object that reads the registry (i.e. does a GetSettings). Here's the error's .ToString: "System.Security.SecurityException: Request for the permission of type System.Security.Permissions.RegistryPermission, mscorlib, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed. at System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, PermissionToken permToken) at System.Security.CodeAccessSecurityEngine.Check(PermissionToken permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames, Int32 unrestrictedOverride) at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark) at System.Security.CodeAccessPermission.Demand() at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable) at Microsoft.Win32.RegistryKey.OpenSubKey(String name) at Microsoft.VisualBasic.Interaction.GetSetting(String AppName, String Section, String Key, String Default) at SCAT.SCATComm.MRUListGet(String ListName) in C:\VBDotNet\SCATComm\SCATComm.vb:line 626" The bottom line (SCAT.SCATComm.MRUListGet) is my method to get the registry setting. The line of code that throws the exception is: ListSetting = GetSetting("SCAT", "MRU", ListName) ListSetting is a string. The code works when I do a project reference to the assembly in question, but fails when it is dynamically loaded. Any ideas on how to make it work? Regards, Jay Ayliff Stalis Ltd You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
