I'm running into an issue where calls made from a GAC-ed assembly with the AllowPartiallyTrustedCallers attribute to another GAC-ed assembly without that attribute made in a partial-trust environment succeed if made directly, but fail if made via reflection.
Assemblies involved:
- Asse开发者_JAVA百科mblyA (installed in GAC, does not have AllowPartiallyTrustedCallers, cannot be modified)
- AssemblyB (installed in GAC, does have AllowPartiallyTrustedCallers, cannot be modified)
- AssemblyC (installed in GAC, does have AllowPartiallyTrustedCallers, can be modified)
- AssemblyD (signed, but not installed in GAC, does have AllowPartiallyTrustedCallers, can be modified).
I need to call code in AssemblyA from AssemblyD both directly and indirectly. For the direct calls, I just moved them from AssemblyD into AssemblyC and everything works. For the indirect calls, I need to call a method in AssemblyB that will internally use Reflection to create an use an instance of a class in AssemblyA. I can make the call to AssemblyB directly from AssemblyD or indirectly via AssemblyC - either would be acceptable, but neither is working for me.
The direct calls work great. The calls that use reflection fail if there is any partially-trusted code on the call stack. I can't avoid the reflection calls AssemblyB is doing - it's doing a lot of other work for me before it makes those calls - work that I can't duplicate in AssemblyC and just make the calls direct.
I've uploaded a project demonstrating this to BitBucket: https://bitbucket.org/jorupp/partialtrusttest. Based on my understanding of partial-trust, all 4 should work (calling A directly from B or C and calling A via reflection from B or C), but the reflection-based calls are failing.
I'm guessing I need to be asserting some CAS permission or the like in my code in AssemblyC to get this working, but I can't figure out what.
Note: the names in my scenario is obviously contrived, but the real-world scenario is a Sharepoint application, where AssemblyA is Microsoft.Sharepoint.Taxonomy, AssemblyB is Microsoft.Sharepoint, AssemblyC is my custom GAC-ed assembly, and AssemblyD is my custom webapp-deployed assembly. As near as I can tell, this is not a Sharepoint-specific problem.
Thanks in advance for any ideas or help.
And after I spent an hour writing up the repro case and the question explaining it, I stumbled on a solution (though I'm not sure it's the right one):
I was trying to use code like this (in AssemblyC)
public void UseClassBToCreateClassAViaReflection()
{
new SecurityPermission(PermissionState.Unrestricted).Assert();
ClassB.CreateClassAViaReflection();
}
Which wasn't working. This however, does:
[PermissionSet(SecurityAction.Assert, Name = "FullTrust")]
public void UseClassBToCreateClassAViaReflection()
{
ClassB.CreateClassAViaReflection();
}
I still don't fully get CAS, but at least this gets me past my first issue and on to my the next one. I don't think I'm creating a massive security whole here, but I'm not quite sure...
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论