Security Exception when accessing the registry

[Jason]

Hello everyone,

I've got a security issue that I can't find a solution to and was hoping
someone could point me in the right direction.

I'm trying to open a registry key for read only access with
Registry.LocalMachine.OpenSubKey but I'm getting this security exception
"The application attempted to perform an operation not allowed by the
security policy. To grant this application the required permission please
contact your system administrator or change the application's trust level in
the configuration file."

I'm using ASPNet 2.0, Windows 2000 and IIS 5. The ASP.NET application
requests no authentication, runs as ASPNET and the builtin group Users has
read access to this key.

I understand that ASPNet 2.0 web apps have full trust? Is this true? (Not
in my case I suppose!) I haven't changed machine.config yet. The process
model tag is
<processModel autoConfig="true" />


What should I be looking for to check the web app has the correct
permissions please? I have used this with ASP.Net 1.1 and never had any
security issues.

Cheers for any help you can provide,

Jason.

 

[Walter Wang [MSFT]]

Hi Jason,

By default, ASP.NET 1.1 and 2.0 Web applications and Web services run with
Full trust. It should work correctly if your web application is only
requesting read-only access to the registry.

I think your machine-level web.config might have changed the trust level
from default "Full" to a lower level.

If you need customized trust level to meet your specific requirement, you
can refer to following MSDN library to create your own trust level:

#How to: Use Code Access Security in ASP.NET 2.0
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html
/PAGHT000017.asp

I hope this helps. Please feel free to post here if anything is unclear.

Sincerely,
Walter Wang ([email protected], remove 'online.')
Microsoft Online Community Support

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Jason]

Cheers Walter.

I was looking in machine.config for the trusts but I should have been
looking in web.config. I didn't relase that this had been added to the
framework's system dir. When this project is over, I've got to take a
proper look at security with .Net 2.

Jason.