I've been looking at running an app under the default LocalIntranet
permission set and when logging was configured using the
XmlConfiguratorAttribute a FileIOPermission SecurityException was
thrown. The fault did not occur when using the
XmlConfigurator.Configue() method. In both cases log4net was configured
using the app.config file
The exception is thrown in
log4net.Util.SystemInfo.get_ApplicationBaseDirectory() at the line
return AppDomain.CurrentDomain.BaseDirectory;
At the end of the email is information on the exception, param values
and a stack trace as well as other info.
The difference appears to be that the XmlConfiguratorAttribute will only
configure from a file and not from the app settings, even when no file
name or extension is specified. Below is the code from its Configure
method...
Uri applicationBaseDirectoryUri = new
Uri(SystemInfo.ApplicationBaseDirectory);
if (applicationBaseDirectoryUri.IsFile)
{
ConfigureFromFile(sourceAssembly, targetRepository);
}
else
{
ConfigureFromUri(sourceAssembly, targetRepository);
}
The XmlConfigurator.Configure() method get its configuration information
as follows
XmlElement configElement =
System.Configuration.ConfigurationSettings.GetConfig("log4net") as
XmlElement;
and then calls
ConfigureFromXml(repository, configElement);
A quick and dirty test has shown the XmlConfiguratorAttribute can be
altered to get the config information in this way and when thats done it
will work under the LocalIntranet permission set.
So was there any reason the attribute was coded in this way ? In
particular I am thinking about no-touch deployment as that is the
situation i will be using it and i will be doing some more testing in
the morning about this.
I'm happy to make the code changes within the next week (probably) if
thats ok.
Thanks
Aaron Morton
----
log4net version 1.2.9
ms dot net framework 1.1
a winforms application running with LocalIntranet security set by using
permitOnly attribute on the main form(for testing no-touch deployment)
windows xp sp1
## Exception information
{"Request for the permission of type
System.Security.Permissions.FileIOPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed." }
[System.Security.SecurityException]: {"Request for the permission of
type System.Security.Permissions.FileIOPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed."}
System.Object: {System.Security.SecurityException}
_className: null
_COMPlusExceptionCode: -532459699
_exceptionMethod: <undefined value>
_exceptionMethodString: null
_helpURL: null
_HResult: -2146233078
_innerException: { }
_message: "Request for the permission of type
System.Security.Permissions.FileIOPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed."
_remoteStackIndex: 0
_remoteStackTraceString: null
_source: null
_stackTrace: {System.Array}
_stackTraceString: null
_xcode: -532459699
_xptrs: 0
HelpLink: null
HResult: -2146233078
InnerException: { }
Message: "Request for the permission of type
System.Security.Permissions.FileIOPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed."
Source: "mscorlib"
StackTrace: " at
System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet
grantedSet, PermissionSet deniedSet, CodeAccessPermission demand,
PermissionToken permToken)\r\n at
System.Security.CodeAccessSecurityEngine.Check(PermissionToken
permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32
checkFrames, Int32 unrestrictedOverride)\r\n at
System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap,
StackCrawlMark& stackMark)\r\n at
System.Security.CodeAccessPermission.Demand()\r\n at
System.AppDomainSetup.get_ApplicationBase()\r\n at
System.AppDomain.get_BaseDirectory()\r\n at
log4net.Util.SystemInfo.get_ApplicationBaseDirectory() in
c:\\dev\\azz\\log4nettest\\src\\util\\systeminfo.cs:line 102"
TargetSite: <error: an exception of type:
{System.Security.SecurityException} occurred>
## call stack at failure.
> log4net.dll!log4net.Util.SystemInfo.get_ApplicationBaseDirectory()
Line 100 C#
log4net.dll!log4net.Config.XmlConfiguratorAttribute.Configure(System.Reflection.Assembly
sourceAssembly = {System.Reflection.Assembly},
log4net.Repository.ILoggerRepository targetRepository =
{log4net.Repository.Hierarchy.Hierarchy}) Line 199 + 0x6 bytes C#
log4net.dll!log4net.Core.DefaultRepositorySelector.ConfigureRepository(System.Reflection.Assembly
assembly = {System.Reflection.Assembly},
log4net.Repository.ILoggerRepository repository =
{log4net.Repository.Hierarchy.Hierarchy}) Line 638 + 0xd bytes C#
log4net.dll!log4net.Core.DefaultRepositorySelector.CreateRepository(System.Reflection.Assembly
repositoryAssembly = {System.Reflection.Assembly}, System.Type
repositoryType = {"log4net.Repository.Hierarchy.Hierarchy"}, string
repositoryName = "log4net-default-repository", bool
readAssemblyAttributes = true) Line 306 + 0xf bytes C#
log4net.dll!log4net.Core.DefaultRepositorySelector.CreateRepository(System.Reflection.Assembly
repositoryAssembly = {System.Reflection.Assembly}, System.Type
repositoryType = {"log4net.Repository.Hierarchy.Hierarchy"}) Line 214 +
0x16 bytes C#
log4net.dll!log4net.Core.DefaultRepositorySelector.GetRepository(System.Reflection.Assembly
repositoryAssembly = {System.Reflection.Assembly}) Line 137 + 0xd
bytes C#
log4net.dll!log4net.Core.LoggerManager.GetLogger(System.Reflection.Assembly
repositoryAssembly = {System.Reflection.Assembly}, string name =
"avdbClientStats") Line 351 + 0x19 bytes C#
log4net.dll!log4net.LogManager.GetLogger(System.Reflection.Assembly
repositoryAssembly = {System.Reflection.Assembly}, string name =
"avdbClientStats") Line 241 + 0xb bytes C#
log4net.dll!log4net.LogManager.GetLogger(string name =
"avdbClientStats") Line 193 + 0x12 bytes C#
log4nettest.exe!log4nettest.Form1..cctor() Line 25 + 0xc bytes C#
##the line in get_ApplicationBaseDirectory that fails is
return AppDomain.CurrentDomain.BaseDirectory;
## theAppDomain.CurrentDomain value is
? AppDomain.CurrentDomain
{System.AppDomain}
System.MarshalByRefObject: {System.AppDomain}
_DefaultContext: <undefined value>
_DefaultPrincipal: <undefined value>
_dummyField: 1352560
_FusionStore: {System.AppDomainSetup}
_HasSetPolicy: false
_LocalStore: <undefined value>
_Policies: <undefined value>
_PrincipalPolicy: UnauthenticatedPrincipal
_RemotingData: <undefined value>
_SecurityIdentity: <undefined value>
AssemblyLoad: <undefined value>
AssemblyResolve: <undefined value>
BaseDirectory: <error: an exception of type:
{System.Security.SecurityException} occurred>
CurrentDomain: {System.AppDomain}
DomainUnload: {System.EventHandler}
DynamicDirectory: null
Evidence: <error: an exception of type:
{System.Security.SecurityException} occurred>
FriendlyName: "log4nettest.exe"
FusionStore: {System.AppDomainSetup}
InternalEvidence: {System.Security.Policy.Evidence}
LocalStore: {Count=0}
ProcessExit: <undefined value>
RelativeSearchPath: null
RemotingData: {System.Runtime.Remoting.DomainSpecificRemotingData}
ResourceResolve: <undefined value>
SetupInformation: {System.AppDomainSetup}
ShadowCopyFiles: false
TypeResolve: <undefined value>
UnhandledException: <undefined value>
## the sourceAssembly param passed to the Configure method
? sourceAssembly
{System.Reflection.Assembly}
System.Object: {System.Reflection.Assembly}
_DontTouchThis: 1507464
Cache: {System.Reflection.Cache.InternalCache}
CodeBase: <error: an exception of type:
{System.Security.SecurityException} occurred>
EntryPoint: {System.Reflection.RuntimeMethodInfo}
EscapedCodeBase: <error: an exception of type:
{System.Security.SecurityException} occurred>
Evidence: <error: an exception of type:
{System.Security.SecurityException} occurred>
FullName: "log4nettest, Version=1.0.2014.37601, Culture=neutral,
PublicKeyToken=null"
GlobalAssemblyCache: false
ImageRuntimeVersion: "v1.1.4322"
Location: <error: an exception of type:
{System.Security.SecurityException} occurred>
m_assemblyData: <undefined value>
m_cachedData: {System.Reflection.Cache.InternalCache}
ModuleResolve: <undefined value>
s_localFilePrefix: "file:"
