 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / CLR / October 2005Notifying the user of what action to take when a SecurityException was unhandled
My application requires full trust to work, so when I run it on a network drive I get the following exception: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. For the user this looks like the program simply crashes. How can I catch the failed request for fulltrust and display a more meaningfull message to the user? One way to do it is to add the following code to the assembly: using System.Security; using System.Security.Permissions; [assembly:SecurityPermission(SecurityAction.RequestMinimum, UnmanagedCode=true)] This will cause it to fail at file load time instead of runtime and the exception is at least more understandable to the user. Another way to do it is something like this: class klass { public static void Main() { try { // Do something simple that should never fail for any other reason } catch (SecurityException) { // Warn user that they need to copy the file before using it } // Execute as usual. } } This has the advantage that you can catch the problem and provide a message box or Console message or something like that to tell them why they need to move the file to their computer before using it. Hi Jim, Thanks for your post. In addtion to Nick Hertl's reply, there is an article talked about how to handle unhandled exception in .Net, for your information: "Unexpected Errors in Managed Applications" http://msdn.microsoft.com/msdnmag/issues/04/06/NET/ Hope this helps Best regards, Jeffrey Tan Microsoft Online Partner Support  SignatureGet Secure! - www.microsoft.com/security This posting is provided "as is" with no warranties and confers no rights. I've looked at the article and the suggestions here, but the problem persists: an exception is thrown before any of my code has had a chance to execute. This means that I'm unable to attach exception handlers because the first line of my static main is never reached. I should note that I'm using VS 2005 Beta 2 and the 2.0 Framework (Build 50.50215). Jeffrey Tan[MSFT] wrote: > Hi Jim, > [quoted text clipped - 12 lines] > Get Secure! - www.microsoft.com/security > This posting is provided "as is" with no warranties and confers no rights. Hi Jim, Thanks for your feedback. Can you show me why your assembly shows the exception without any code executed? Normally, the security check occurs when each code statement executed, so the exception should throw when certain code executed. Have you applied certain security attribute on the assembly so that the CAS check occurs at load time? If so, I suggest you remove the attributes to return to original CAS state. Thanks Best regards, Jeffrey Tan Microsoft Online Partner Support SignatureGet Secure! - www.microsoft.com/security This posting is provided "as is" with no warranties and confers no rights. In addition to the possibilities already raised by Dominick, does your Main method perhaps include a call into a type or member protected by a link demand for a CAS permission? (Link demands are processed at JIT-time, so failing a link demand in your Main method would prevent any of your code from running.) If you're not sure whether or not your Main method contains such a call, you can easily test it (at least in debug mode, where your code won't be subject to inlining) by splitting out the contents of your Main method into a separate method. e.g.: private static void Main(string[] args) { DoMainStuff(args); } private static void DoMainStuff(string[] args) { // Everything that used to be in your Main method goes here. } > I've looked at the article and the suggestions here, but the problem > persists: an exception is thrown before any of my code has had a chance to [quoted text clipped - 22 lines] >> This posting is provided "as is" with no warranties and confers no >> rights. Thanks a lot for your help guys. I use some of the the Marshal methods for global memory which have Link Demands according to the documentation. What is the best way to handle this so I can catch the security exception? > In addition to the possibilities already raised by Dominick, does your > Main method perhaps include a call into a type or member protected by a [quoted text clipped - 41 lines] >>> This posting is provided "as is" with no warranties and confers no >>> rights. You'll be able to catch the exception if you wrap the call to the new "DoMainStuff" method in a try...catch block. In order to ensure that the new method isn't inlined when compiled with optimizations (which is usually the case when compiling in release mode), you can add a MethodImplAttribute as shown below: private static void Main(string[] args) { try { DoMainStuff(args); } catch (SecurityException ex) { // Display your preferred message for a security exception. } catch (Exception ex) { // Display your preferred message for a non-security exception. } } [MethodImpl(MethodImplOptions.NoInlining)] private static void DoMainStuff(string[] args) { // Everything that used to be in your Main method goes here // (including any exception handling that you already had in place). } > Thanks a lot for your help guys. > [quoted text clipped - 47 lines] >>>> This posting is provided "as is" with no warranties and confers no >>>> rights. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.