Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Hosting, ASP.NET, medium trust level, metafile - Problem!!!

Reply
Thread Tools

Hosting, ASP.NET, medium trust level, metafile - Problem!!!

 
 
Mr.Cyber
Guest
Posts: n/a
 
      12-10-2005
Hi, Borthers!!!

I have A Problem. My code builds some picture dynamically. To do this I'm
using Metafile (System.Drawing.Imaging.Metafile). All that works Fine (on my
local machine) untill we run on hosting environment where is set medium trust
level.

As result I catch the following:

at System.Security.CodeAccessSecurityEngine.CheckHelp er(PermissionSet
grantedSet, PermissionSet deniedSet, CodeAccessPermission demand,
PermissionToken permToken)
at System.Security.CodeAccessSecurityEngine.Check(Per missionToken permToken,
CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames,
Int32 unrestrictedOverride)
at System.Security.CodeAccessSecurityEngine.Check(Cod eAccessPermission cap,
StackCrawlMark& stackMark)
at System.Security.CodeAccessPermission.Demand()
at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType
emfType, String description)
at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType emfType)

This is a part of stack trace. It's clear that I have a problem with
security settings, namely with Trust Level.

Is There Any Solution in this situation at all?????????
There is no way to change security settings on host machine. I should think
something with my code. But WHAT exactly????

 
Reply With Quote
 
 
 
 
Nicole Calinoiu
Guest
Posts: n/a
 
      12-12-2005
In order to use this Metafile constructor overload, your assembly must have
permission to run unmanaged code (SecurityPermission\UnmanagedCode). If you
must run at the default medium trust level, one approach might be to use
either the constructor that accepts a stream only or the constructor that
accepts a file path (assuming, of course, that the source image is stored on
disk).



"Mr.Cyber" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi, Borthers!!!
>
> I have A Problem. My code builds some picture dynamically. To do this I'm
> using Metafile (System.Drawing.Imaging.Metafile). All that works Fine (on
> my
> local machine) untill we run on hosting environment where is set medium
> trust
> level.
>
> As result I catch the following:
>
> at System.Security.CodeAccessSecurityEngine.CheckHelp er(PermissionSet
> grantedSet, PermissionSet deniedSet, CodeAccessPermission demand,
> PermissionToken permToken)
> at System.Security.CodeAccessSecurityEngine.Check(Per missionToken
> permToken,
> CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames,
> Int32 unrestrictedOverride)
> at System.Security.CodeAccessSecurityEngine.Check(Cod eAccessPermission
> cap,
> StackCrawlMark& stackMark)
> at System.Security.CodeAccessPermission.Demand()
> at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType
> emfType, String description)
> at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType
> emfType)
>
> This is a part of stack trace. It's clear that I have a problem with
> security settings, namely with Trust Level.
>
> Is There Any Solution in this situation at all?????????
> There is no way to change security settings on host machine. I should
> think
> something with my code. But WHAT exactly????
>



 
Reply With Quote
 
 
 
 
Mr.Cyber
Guest
Posts: n/a
 
      12-12-2005
First of all I have to tell you Great Thanks for Your answer.

As for matter so ... I really suspected that thing looks somehow as you
explained.

And it's very Sad ((

What do we actually have???
We have .NET framework. We have ASP.NET. We have a lot of new powereful and
super modern technologies (and in security aspect too) and we CAN NOT do that
simple and very useful things? Am I Right?

I'm writting an engine for some web site. So this code will be executed in
host environment where according to microsoft recomendations and guidelines
will be set Trust Level Medium (with all consequensec, restrictions and
limitations).
I'm trying to use only .NET framework and to work with graphic. I really
need metafiles to build complex compositions of more simple drawings (witch
are metafiles in turn too) with different transformations and without
sacrifice of accuracy. And what .NET can offer me as solution in these
circumstances??????

Will be I right if I say that .NET and GDI+ at nowadays don't give an
ability to solve the mentioned above task???
Frankly I would really like to be mistaken in that statement. But what is in
fact?

Thanks in advance!


 
Reply With Quote
 
Nicole Calinoiu
Guest
Posts: n/a
 
      12-16-2005
"Mr.Cyber" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> First of all I have to tell you Great Thanks for Your answer.
>
> As for matter so ... I really suspected that thing looks somehow as you
> explained.
>
> And it's very Sad ((
>
> What do we actually have???
> We have .NET framework. We have ASP.NET. We have a lot of new powereful
> and
> super modern technologies (and in security aspect too) and we CAN NOT do
> that
> simple and very useful things? Am I Right?


Not quite. You want to perform a potentially dangerous activity in a shared
hosting environment. You are being limited by the CAS permissions grant
configured by your hosting provider, not by anything inherent to the .NET
platform. The hosting provider's decision to not elevate your application's
permissions is actually acting to protect all applications running on that
same server. If you're not happy with that limitation, you have three basic
choices:

1. Stay in the same hosting environment, and change your code so that it
doesn't need elevated privilege,
2. Host on a dedicated machine where your potentially dangerous operations
don't put other folks' applications at risk, or
3. Look for shared hosting with a provider who is willing to elevate your
application's privileges (but be aware that they would probably be willing
to do the same for others, so your application would be at increased risk as
well).



> I'm writting an engine for some web site.


Are you writing a web application/site, or a commercial component intended
to be used in a variety of web applications?


> So this code will be executed in
> host environment where according to microsoft recomendations and
> guidelines
> will be set Trust Level Medium (with all consequensec, restrictions and
> limitations).
> I'm trying to use only .NET framework and to work with graphic. I really
> need metafiles to build complex compositions of more simple drawings
> (witch
> are metafiles in turn too) with different transformations and without
> sacrifice of accuracy. And what .NET can offer me as solution in these
> circumstances??????
>
> Will be I right if I say that .NET and GDI+ at nowadays don't give an
> ability to solve the mentioned above task???


Since I don't know exactly what you're doing, I can't even begin to provide
an alternate approach. However, as long as you're using any of the members
that accepts IntPtr arguments, your code is probably going to require
SecurityPermission\UnmanagedCode, which no reliable hosting provider should
be willing to give you in shared hosting. That leaves you with the same
three basic options: change your code, pay for dedicated hosting, or accept
more risk with an alternate hosting provider.


> Frankly I would really like to be mistaken in that statement. But what is
> in
> fact?
>
> Thanks in advance!
>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP.NET 1.1 app breaks when moved to shared webhosting with medium trust level Andy ASP .Net 1 12-21-2006 05:40 PM
Full trust and medium trust in .net and websites Linda ASP .Net Security 1 08-31-2006 05:16 AM
Does GridView.DataBind work under medium trust with custom objects =?Utf-8?B?TWFyayBMZWlzdG5lcg==?= ASP .Net 3 08-22-2006 11:13 PM
Does WSE 2.0 work with Medium trust or stronger? Michael Howes ASP .Net 0 01-26-2006 12:16 AM
Medium Level Trust and Reflection Paul Hatcher ASP .Net 0 02-25-2005 02:12 PM



Advertisments