Hosting, ASP.NET, medium trust level, metafile - Problem!!!

[Mr.Cyber]

Hi, Borthers!!!

I have A Problem. My code builds some picture dynamically. To do this I'm
using Metafile (System.Drawing.Imaging.Metafile). All that works Fine (on my
local machine) untill we run on hosting environment where is set medium trust
level.

As result I catch the following:

at System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet
grantedSet, PermissionSet deniedSet, CodeAccessPermission demand,
PermissionToken permToken)
at System.Security.CodeAccessSecurityEngine.Check(PermissionToken permToken,
CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames,
Int32 unrestrictedOverride)
at System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap,
StackCrawlMark& stackMark)
at System.Security.CodeAccessPermission.Demand()
at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType
emfType, String description)
at System.Drawing.Imaging.Metafile..ctor(IntPtr referenceHdc, EmfType emfType)

This is a part of stack trace. It's clear that I have a problem with
security settings, namely with Trust Level.

Is There Any Solution in this situation at all?????????
There is no way to change security settings on host machine. I should think
something with my code. But WHAT exactly????

 

[Nicole Calinoiu]

In order to use this Metafile constructor overload, your assembly must have
permission to run unmanaged code (SecurityPermission\UnmanagedCode). If you
must run at the default medium trust level, one approach might be to use
either the constructor that accepts a stream only or the constructor that
accepts a file path (assuming, of course, that the source image is stored on
disk).

 

[Mr.Cyber]

First of all I have to tell you Great Thanks for Your answer.

As for matter so ... I really suspected that thing looks somehow as you
explained.

And it's very Sad ((

What do we actually have???
We have .NET framework. We have ASP.NET. We have a lot of new powereful and
super modern technologies (and in security aspect too) and we CAN NOT do that
simple and very useful things? Am I Right?

I'm writting an engine for some web site. So this code will be executed in
host environment where according to microsoft recomendations and guidelines
will be set Trust Level Medium (with all consequensec, restrictions and
limitations).
I'm trying to use only .NET framework and to work with graphic. I really
need metafiles to build complex compositions of more simple drawings (witch
are metafiles in turn too) with different transformations and without
sacrifice of accuracy. And what .NET can offer me as solution in these
circumstances??????

Will be I right if I say that .NET and GDI+ at nowadays don't give an
ability to solve the mentioned above task???
Frankly I would really like to be mistaken in that statement. But what is in
fact?

Thanks in advance!

 

[Nicole Calinoiu]

First of all I have to tell you Great Thanks for Your answer.

As for matter so ... I really suspected that thing looks somehow as you
explained.

And it's very Sad ((

What do we actually have???
We have .NET framework. We have ASP.NET. We have a lot of new powereful
and
super modern technologies (and in security aspect too) and we CAN NOT do
that
simple and very useful things? Am I Right?

Not quite. You want to perform a potentially dangerous activity in a shared
hosting environment. You are being limited by the CAS permissions grant
configured by your hosting provider, not by anything inherent to the .NET
platform. The hosting provider's decision to not elevate your application's
permissions is actually acting to protect all applications running on that
same server. If you're not happy with that limitation, you have three basic
choices:

1. Stay in the same hosting environment, and change your code so that it
doesn't need elevated privilege,
2. Host on a dedicated machine where your potentially dangerous operations
don't put other folks' applications at risk, or
3. Look for shared hosting with a provider who is willing to elevate your
application's privileges (but be aware that they would probably be willing
to do the same for others, so your application would be at increased risk as
well).

I'm writting an engine for some web site.

Are you writing a web application/site, or a commercial component intended
to be used in a variety of web applications?

So this code will be executed in
host environment where according to microsoft recomendations and
guidelines
will be set Trust Level Medium (with all consequensec, restrictions and
limitations).
I'm trying to use only .NET framework and to work with graphic. I really
need metafiles to build complex compositions of more simple drawings
(witch
are metafiles in turn too) with different transformations and without
sacrifice of accuracy. And what .NET can offer me as solution in these
circumstances??????

Will be I right if I say that .NET and GDI+ at nowadays don't give an
ability to solve the mentioned above task???

Since I don't know exactly what you're doing, I can't even begin to provide
an alternate approach. However, as long as you're using any of the members
that accepts IntPtr arguments, your code is probably going to require
SecurityPermission\UnmanagedCode, which no reliable hosting provider should
be willing to give you in shared hosting. That leaves you with the same
three basic options: change your code, pay for dedicated hosting, or accept
more risk with an alternate hosting provider.