The truth about Security Exception (hopefully)

  •  10-03-2006, 8:00 PM

    The truth about Security Exception (hopefully)

    Hi,

    I'm writing this in hope I can finally get a decent answer.

    There seem to be an issue with most of the pop-up'ed "Insert" features (Insert Image, Insert Flash,Insert Media, Downloadable Files, Insert Templates) while running on non full trust level on a server.
    It's happening on hosted services (aka Angry client's web server) but I can also reproduce it on my local servers too.
    By non full trust, I mean any Trust level below full, even High causes problem.

    It appears that these Insert features work fine as long as no files are present in the directory. As soon as you have a single file in the directory it crashes with a Security Exception error. Remove the file and it's working again.

    The Error is:

    Request for the permission of type System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.

    In, for instance with Insert Image:

    Source File:  D:\w3\WebTest\CuteSoft_Client\CuteEditor\Dialogs\Gecko_InsertImage.Frame.Aspx    Line:  27

    (Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300)

    The first test server running the sample application where I can reproduce the issue is

    Windows 2003 Server (Enterprise Ed) SP1
    .NET framework 1.1 (2.0 NOT installed).
    NTFS File system
    CuteEditor version 5.3

    I have given write access to the aspnet account to the corresponding uploads folder.

    I've even tried as suggested somewhere else to create a CuteEditorTemp folder and added the CuteEditorTempPath key to the web.config file (at this stage, note that the temp files (ex: 5860aa94.txt) do get written into that folder)

    I can also reproduce the error on a different machine which has
    Windows XP Pro SP2
    .NET framework 1.1 (2.0 is installed but not selected in IIS)
    FAT32
    File system (which kind of tells me this is not a file system access issue)
    CuteEditor version 5.3

    Same problem with that configuration.

    For both of them, as soon as I move to full trust it works, any other it crashes when there's a file in the directory.

    This is a major issue with our clients, and we're starting to consider alternative solutions.

    I've previously raised the issue in a different post (http://cutesoft.net/forums/thread/22866.aspx), but have not to date been given any definite answer.
    I've been suggested to provide some FTP details, which I have done via private messages but haven't received a single answer to those private messages.

    Sooooo.. what's the story with this, and how do I fix it?

    I'm happy to assist with troubleshooting the issue, provide FTP details, anything, but please help!

    Thanks,
    Ben

View Complete Thread