Discussion:
Referenced assemblies of VSOT Word Plugin have no permissions.
(too old to reply)
Brian Holmes
2005-07-19 00:40:04 UTC
Permalink
I am creating a plugin in Visual Stuido using VSOT Word Project and I'm
having some problems with SecurityPermissions. I have a second project that
holds my common utility functions and performs operations such as loading and
parsing an XmlDocument, tracing with System.Diagnostics.Trace, and reading
environment variables.

All of the code for these operations will run fine within the Word Project
assembly, but if the code is run in a referenced assembly, it fails because
of numerous security permission exceptions.

Below is an example of one:


System.TypeInitializationException: The type initializer for
'MyTracing.MyTrace' threw an exception. --->
System.Security.SecurityException: Request failed.
at
System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm,
PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh,
SecurityAction action, Object demand, IPermission permThatFailed)
at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Object
assemblyOrString, PermissionSet granted, PermissionSet refused,
RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission
permThatFailed)
at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet
grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle
rmh, Object assemblyOrString, SecurityAction action, Boolean throwException)
at
System.Security.CodeAccessSecurityEngine.CheckSetHelper(CompressedStack cs,
PermissionSet grants, PermissionSet refused, PermissionSet demands,
RuntimeMethodHandle rmh, Assembly asm, SecurityAction action)
at MyTracing.MyTrace..cctor()
The action that failed was:
LinkDemand
The type of the first permission that failed was:
System.Security.PermissionSet
The demand was for:
<PermissionSet class="System.Security.PermissionSet"
version="1"
Unrestricted="true"/>

The granted set of the failing assembly was:
<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.SecurityPermission,
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution"/>
<IPermission class="System.Security.Permissions.UrlIdentityPermission,
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Url="file:///C:/Documents and
Settings/holmesbj/Desktop/InitializeTheLibrary-concise/InitializeTheLibrary/InitializeTheLibrary/bin/Debug/MyTracing.DLL"/>
<IPermission class="System.Security.Permissions.ZoneIdentityPermission,
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Zone="MyComputer"/>
</PermissionSet>

The assembly or AppDomain that failed was:
MyTracing, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
The Zone of the assembly that failed was:
MyComputer
The Url of the assembly that failed was:
file:///C:/Documents and
Settings/holmesbj/Desktop/InitializeTheLibrary-concise/InitializeTheLibrary/InitializeTheLibrary/bin/Debug/MyTracing.DLL
--- End of inner exception stack trace ---
at MyTracing.MyTrace.get_TraceOn()
at InitializeTheLibrary.ThisDocument.InitializeLibrary() in C:\Documents
and
Settings\holmesbj\Desktop\InitializeTheLibrary-concise\InitializeTheLibrary\InitializeTheLibrary\ThisDocument.cs:line 29



So.... I've seen a lot of posts on here about Security. But, I really want
to know why a referenced assembly, that is built alongside my normal Word
plugin project, and set with CopyLocal = true, and on my local computer, does
not have full trust, and yet the word plugin does. This just doesn't seem
right. I'm effectively forced to put all my code in one assembly, or jump
through hoops to set up Full Trust security policies on assemblies that
normally would execute fine by any other program on my system using them.
What am I missing here?

I should make one point, that none of these assemblies are signed, but I
wouldn't think that would change anything. In addition, as seen in the
exception trace, the referenced assemblies do have Execute permissions, they
just don't have anything else useful.

An explanation of why referenced assemblies have more restricted permissions
here would be extremely helpful. And a solution that plays nice would be
good too. We were hoping we would be able to distribute this code without an
installer, but it looks like that may not be the case.


Cheers,

Brian Holmes
Devin Breshears [MSFT]
2005-07-19 20:27:01 UTC
Permalink
We have changed this behavior in a recent build. Referenced assemblies are
now given FullTrust when building.

Regards,

Devin Breshears
MSFT

This posting is provided "AS IS" with no warranties, and confers no rights.

For more information regarding Visual Studio Tools for Office 2005:

Best of Blogs: Visual Studio 2005 Tools for Office
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/odc_2003_ta/html/odc_landvsto2005_ta.asp

Visual Studio Tools for Office Forum
http://forums.microsoft.com/msdn/ShowForum.aspx?ForumID=16

Visual Studio Tools for the Microsoft Office System
http://msdn.microsoft.com/office/understanding/vsto/default.aspx
Post by Brian Holmes
I am creating a plugin in Visual Stuido using VSOT Word Project and I'm
having some problems with SecurityPermissions. I have a second project that
holds my common utility functions and performs operations such as loading and
parsing an XmlDocument, tracing with System.Diagnostics.Trace, and reading
environment variables.
All of the code for these operations will run fine within the Word Project
assembly, but if the code is run in a referenced assembly, it fails because
of numerous security permission exceptions.
System.TypeInitializationException: The type initializer for
'MyTracing.MyTrace' threw an exception. --->
System.Security.SecurityException: Request failed.
at
System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm,
PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh,
SecurityAction action, Object demand, IPermission permThatFailed)
at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Object
assemblyOrString, PermissionSet granted, PermissionSet refused,
RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission
permThatFailed)
at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet
grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle
rmh, Object assemblyOrString, SecurityAction action, Boolean throwException)
at
System.Security.CodeAccessSecurityEngine.CheckSetHelper(CompressedStack cs,
PermissionSet grants, PermissionSet refused, PermissionSet demands,
RuntimeMethodHandle rmh, Assembly asm, SecurityAction action)
at MyTracing.MyTrace..cctor()
LinkDemand
System.Security.PermissionSet
<PermissionSet class="System.Security.PermissionSet"
version="1"
Unrestricted="true"/>
<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.SecurityPermission,
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution"/>
<IPermission class="System.Security.Permissions.UrlIdentityPermission,
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Url="file:///C:/Documents and
Settings/holmesbj/Desktop/InitializeTheLibrary-concise/InitializeTheLibrary/InitializeTheLibrary/bin/Debug/MyTracing.DLL"/>
<IPermission class="System.Security.Permissions.ZoneIdentityPermission,
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Zone="MyComputer"/>
</PermissionSet>
MyTracing, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
MyComputer
file:///C:/Documents and
Settings/holmesbj/Desktop/InitializeTheLibrary-concise/InitializeTheLibrary/InitializeTheLibrary/bin/Debug/MyTracing.DLL
--- End of inner exception stack trace ---
at MyTracing.MyTrace.get_TraceOn()
at InitializeTheLibrary.ThisDocument.InitializeLibrary() in C:\Documents
and
Settings\holmesbj\Desktop\InitializeTheLibrary-concise\InitializeTheLibrary\InitializeTheLibrary\ThisDocument.cs:line 29
So.... I've seen a lot of posts on here about Security. But, I really want
to know why a referenced assembly, that is built alongside my normal Word
plugin project, and set with CopyLocal = true, and on my local computer, does
not have full trust, and yet the word plugin does. This just doesn't seem
right. I'm effectively forced to put all my code in one assembly, or jump
through hoops to set up Full Trust security policies on assemblies that
normally would execute fine by any other program on my system using them.
What am I missing here?
I should make one point, that none of these assemblies are signed, but I
wouldn't think that would change anything. In addition, as seen in the
exception trace, the referenced assemblies do have Execute permissions, they
just don't have anything else useful.
An explanation of why referenced assemblies have more restricted permissions
here would be extremely helpful. And a solution that plays nice would be
good too. We were hoping we would be able to distribute this code without an
installer, but it looks like that may not be the case.
Cheers,
Brian Holmes
buechi
2005-07-20 18:14:43 UTC
Permalink
Hey!

I had the same problems and it took me some time because it's all a bit
confusing. I posted a general tutorial about VSTO 2005 Beta 2 security
matters on my blog at:
http://db.icontent.ch/blog/PermaLink.aspx?guid=d45f7a10-7676-44fc-a1cb-bfa03ce2a092

Hope this simple guide helps?

Cheers,

Daniel.

Loading...