Code Access Security problem after use SmartAssembly

.NET obfuscator and automated error reporting

Moderators: Luke Jefferson, Alex.Davies, melvyn.harbour

Code Access Security problem after use SmartAssembly

Postby tannerel » Thu Sep 16, 2010 9:31 am

Dear after using smart assembly on a .NET 4.0 project we get following error :

Attempt by security transparent method 'SDWorx.GO.BBX.Client.Shell.App.RunInDebugMode(System.String[])' to access security critical method 'System.AppDomain.add_UnhandledException(System.UnhandledExceptionEventHandler)' failed.

Assembly 'SDWorx.GO.BBX.Client.Shell, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' is marked with the AllowPartiallyTrustedCallersAttribute, and uses the level 2 security transparency model. Level 2 transparency causes all methods in AllowPartiallyTrustedCallers assemblies to become security transparent by default, which may be the cause of this exception.
Can we fix this ?
tannerel
 
Posts: 2
Joined: Thu Sep 16, 2010 9:27 am

Postby Brian Donahue » Fri Sep 17, 2010 3:10 pm

Hello Thomas,

Admittedly I don't have a lot of experience with code access policy, but from what I understand, you have an assembly that calls SDWorx.GO.BBX.Client.Shell, or you have embedded 'SDWorx.GO.BBX.Client.Shell in your SA-protected assembly. You are probably using exception handling in the SA Project, and this is implementing an unhandled exception handler.

The error message itself seems to be new to .NET 4 because of a change in the security model. If this is a web application, you can add this line to web.config under System.Web:<trust legacyCasModel = "True" level="Full" />. If this is not a web application, please let me know.
Brian Donahue
 
Posts: 6670
Joined: Mon Aug 23, 2004 10:48 am

Postby tannerel » Mon Sep 20, 2010 11:39 am

Dear,

It.s a WPF application.

Indeed we are listing to the unhandeld eventhandler.

Greetz
Thomas Annerel
tannerel
 
Posts: 2
Joined: Thu Sep 16, 2010 9:27 am

Postby Brian Donahue » Mon Sep 20, 2010 2:29 pm

Hi Thomas,

I tried to reproduce this, but it's not happening. Using VS2010, I create a WPF application and implement an unhandled exception handler right before InitializeComponent and the assembly runs without incident. If I throw an exception, the SA dialogue displays.

I'm at a loss. Can you please send the assembly(ies) to support@red-gate.com?
Brian Donahue
 
Posts: 6670
Joined: Mon Aug 23, 2004 10:48 am

Postby Brian Donahue » Wed Sep 22, 2010 1:04 pm

Logically speaking, I think marking the method as Security-Critical may make this work.
Code: Select all
[SecurityCriticalAttribute()]
RunInDebugMode(System.String[] myStringArray)
{
...
}


Are you sure this worked before processing with SmartAssembly?
Brian Donahue
 
Posts: 6670
Joined: Mon Aug 23, 2004 10:48 am

Postby Brian Donahue » Tue Sep 28, 2010 4:18 pm

I think that we have come to a conclusion about this, and that is that upgrading a .NET assembly from runtime v2 to runtime v4 that has code access security applied needs to be re-evaluated before running it through SmartAssembly. Because the code access security model has changed, things like assembly attribute "AllowPartiallyTrustedCallers" stop working on protected assemblies and there is no "magic bullet" that will make SmartAssembly work when CASPOL has determined that a SmartAssembly code modification violates a policy.

You can either use v4 security attribues or v2 security attributes, but using v2 attributes and then trying to run the assembly in v4 will cause problems.
Brian Donahue
 
Posts: 6670
Joined: Mon Aug 23, 2004 10:48 am


Return to SmartAssembly 5

Who is online

Users browsing this forum: No registered users and 0 guests