The .Net Framework offers capabilities to secure application in a way, that a trust-relationship is being established.
Most well known effect of this security features is, that applications will most likely not run from a network share. The reason for this is the code access security
, which is being defined in a central XML-configuration file. Default setting is, that local code has full trust
, while net-shares (treated as local intranet) has reduced rights and capabilities.
While the .Net Runtime 1.1 had a wizard so modify these settings only the .Net 2.0 SDK has this feature.
So if you’re in the need to modify code access security on a workstation, which only has the .Net Runtime installed you have to use caspol.exe
. This is a command-line utility to modify the security settings for the .Net Framework.
For example, to modify the security settings for a folder test
on drive z:
you need to call:
caspol -m -ag 1.2 -url file://z:/test/* FullTrust
Parameter::
- -m = machine level (affects to complete machine)
- -ag = (add (Code)-Group) 1.2 => parent CodeGroup (equivalent “All_Code” -> “Local Intranet”)
- -url = membership condition “url” (the path has to follow URL notation)
Links: