Giving a Mapped Drive .NET FullTrust

Found an interesting post on Chris Sells' blog that talks about how to grant FullTrust to mapped network drives.

The following is taken from his great post:

When attempting to load a VS.NET project from a Network Drive (like Z:) you may receive the following error

The project location is not trused.

Running the application may result in security exceptions when it attemps to perform actions which require full trust

What's happening is that VS is detecting that the project on the network drive is getting Intranet permissions according to the good and true workings of .NET Code Access Security (CAS). However, since I'm just trying to pretend that Z is on my PC (and, in fact, it is), I want it to have FullTrust permissions.

To accomplish this, you need to add a new Code Group with an URL membership permission specifying the folder (in URL form) to which you'd like to grant full trust. You can do with the .NET Framework Configuration tool or you can do it from the command line like so:

c:\>caspol -q -machine -addgroup 1 -url file:///z:/* FullTrust -name "Z Drive"

Once this new code group is in place, any new .NET processes you start will give any assemblies on the Z drive full trust.

Since awarding new permissions, full trust or not, to any chunk of code is something that can cause a security hole, be careful.

Thanks Chris for the tip!  This will prove to be invaluable as I use Virtual PC, and reference projects on my host PC from within a VPC session through folder mappings.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by WP-CopyRightPro