Re: Execute dll in medium trust

donkiely — Wed, 23 May 2007 15:38:11 GMT

Hi,

You're having this problem because the Medium trust level doesn't have the Unmanaged Code flag set on the SecurityPermission. In other words, your code is not allowed to call unmanaged code, in this case your ActiveX control. Even the High trust level doesn't have this permission.

There are two decent options. One is to create a custom trust level that adds the permission to the medium trust level. This isn't hard, but takes a few steps. The downside of this technique is that your entire application then has this dangerous permission. But if you are using this ActiveX component throughout your app this might be a reasonable option.

The other, better option is to sandbox the dangerous code, which calls this ActiveX component. Put the code that calls it into a separate assembly, grant that assembly either full trust or a custom trust level, and call into that assembly from your Web page code. This option is a bit more involved because now you have partially trusted callers into the sandboxed assembly, which requires a few extra steps.

The best description I've seen about these techniques is in Dominick Baier's Developing More-Secure Microsoft ASP.NET 2.0 Applications.

Make sense?

Don

Execute dll in medium trust

Sleb — Wed, 23 May 2007 12:10:22 GMT

Hi,

I have an application where I need to execute an activeX called SIPSExec.dll

This is how I execute it

 Dim transaction As New SIPSExec.Execute()

The maximum trust level I can have is Medium so it fails with this error System.Security.SecurityException: System.Security.Permissions.SecurityPermission

Is there an alternative way to execute a dll using medium trust only ?

Thanks