网络共享上的 .NET 4.0 应用程序导致 SecurityException
今天,我在尝试远程调试为 .NET 4.0 运行时构建的应用程序时遇到了一个奇怪的问题。
该应用程序驻留在网络共享上并由远程计算机执行。但是,由于 System.Configuration.ConfigurationManager.GetSection() 方法中的权限需求引发 SecurityException,应用程序每次加载期间都会崩溃。我没有检查基类库中的其他权限要求是否也会导致安全异常,但在所有情况下,新的 CLR 都不应该发生这种情况。
该应用程序正在完全信任的情况下运行(在调试时进行了检查,并且像往常一样,对于 CLR 4.0 中的 Intranet 应用程序来说,这必须始终如此),因此我不知道在这种情况下权限需求如何导致异常。当针对 3.5 SP1 运行时(默认情况下首先引入了对网络共享应用程序的完全信任)构建时,一切都会按预期运行。
我粘贴了下面的示例代码。非常感谢任何帮助。
using System;
using System.Configuration;
namespace ConsoleApplication1
{
public sealed class AssetsSection : ConfigurationSection
{
private static readonly ConfigurationProperty s_propPath;
private static readonly ConfigurationPropertyCollection s_properties;
static AssetsSection()
{
s_propPath = new ConfigurationProperty("path", typeof(String));
s_properties = new ConfigurationPropertyCollection()
{
s_propPath
};
}
public static AssetsSection Get()
{
return (AssetsSection) ConfigurationManager.GetSection("test/assets");
}
protected override ConfigurationPropertyCollection Properties
{
get
{
return s_properties;
}
}
public String Path
{
get
{
return (String) base[s_propPath];
}
set
{
base[s_propPath] = value;
}
}
}
class Program
{
static void Main(String[] args)
{
Console.WriteLine(AssetsSection.Get().Path);
Console.ReadLine();
}
}
}
和App.config文件;
<?xml version="1.0"?>
<configuration>
<configSections>
<sectionGroup name="test">
<section name="assets" type="ConsoleApplication1.AssetsSection, ConsoleApplication1"/>
</sectionGroup>
</configSections>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
</startup>
<test>
<assets path="..\Assets"/>
</test>
</configuration>
Today I experienced a weird problem while trying to remotely debug an application built for the .NET 4.0 runtime.
The application resides on a network share and executed by a remote machine. However the application crashes each time during load because of a SecurityException raised by a permission demand in the System.Configuration.ConfigurationManager.GetSection() method. I have not checked if other permission demands in the base class library also cause a security exception but in all cases this shouldn't be happening with the new CLR.
The application is running in full trust (checked it while debugging and as usual this must be always true for intranet applications in CLR 4.0) so I am clueless how a permission demand can cause an exception in this case. When built against the 3.5 SP1 runtime (which first introduced full trust for network shared apps by default) everythings runs as expected.
I pasted the sample code below. Any help is greatly appreciated.
using System;
using System.Configuration;
namespace ConsoleApplication1
{
public sealed class AssetsSection : ConfigurationSection
{
private static readonly ConfigurationProperty s_propPath;
private static readonly ConfigurationPropertyCollection s_properties;
static AssetsSection()
{
s_propPath = new ConfigurationProperty("path", typeof(String));
s_properties = new ConfigurationPropertyCollection()
{
s_propPath
};
}
public static AssetsSection Get()
{
return (AssetsSection) ConfigurationManager.GetSection("test/assets");
}
protected override ConfigurationPropertyCollection Properties
{
get
{
return s_properties;
}
}
public String Path
{
get
{
return (String) base[s_propPath];
}
set
{
base[s_propPath] = value;
}
}
}
class Program
{
static void Main(String[] args)
{
Console.WriteLine(AssetsSection.Get().Path);
Console.ReadLine();
}
}
}
And the App.config file;
<?xml version="1.0"?>
<configuration>
<configSections>
<sectionGroup name="test">
<section name="assets" type="ConsoleApplication1.AssetsSection, ConsoleApplication1"/>
</sectionGroup>
</configSections>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
</startup>
<test>
<assets path="..\Assets"/>
</test>
</configuration>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
首先尝试加载配置并打开您的部分:
我在 .NET 4 中遇到了同样的问题,这对我有用。
Try loading the configuration first and open your section on that:
I ran into the same issue with .NET 4 and this works for me.
这是由于从网络共享运行应用程序时 .NET 4.0 中的一个已知错误造成的。
以下代码失败并出现 SecurityException。请注意,只有当您为该部分定义了自定义类型(如本例
AssetsSection所示)时,它才会失败:Timo 建议使用不同的 API 来解决此问题。另一种解决方案是应用微软提供的补丁。
该错误和相关修补程序已归档在 KB2580188 下。
This is due to a known bug in .NET 4.0 when running the application from a network share.
The follow code fails with a SecurityException. Note that it only fails when you have defined a custom type for the section like in this example
AssetsSection:One fix is the solution suggestion by Timo to use a different API. Another solution is to apply the patch provided by Microsoft.
The bug and the related hotfix is filed under KB2580188.
如果您添加自己的类来映射如下所示的部分:
您可以使用以下代码:
If you add your own class to map the section like this:
You can use this code:
我在这里推测,但我怀疑是你的配置文件不可信。
在您的情况下,您的配置文件引用的类型
ConsoleApplication1.AssetsSection没有可用作证据的强名称。您能否提供更多详细信息和确切的错误消息。
I'm speculating here, but I suspect it's your configuration file that's not trusted.
In your case, your configuration file is referencing a type
ConsoleApplication1.AssetsSectionthat does not have a strong name that could be used as evidence.Can you provide more details and the exact error message.