MySql.Data in GAC, still SecurityException
https://stackoverflow.com/questions/9792920
-
25-05-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a problem with MySql.Data in a partial trusted environment. I've added MySql.Data to the GAC (by installing it with the MSI from the mysql.com site). As you can see here:
>gacutil /l | grep -i mysql
MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d,
processorArchitecture=MSIL
MySql.Data.CF, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c4
4d, processorArchitecture=MSIL
MySql.Data.Entity, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc889
69c44d, processorArchitecture=MSIL
MySql.Web, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d,
processorArchitecture=MSIL
>
I've add the following to my web.config:
<configuration>
<system.web>
<trust level="Vevida"/>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"/>
</assemblies>
</compilation>
</system.web>
</configuration>
But I still get the following exception:
Exception Details: System.Security.SecurityException: Request for the permission of type 'MySql.Data.MySqlClient.MySqlClientPermission, MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d' failed.
It is thrown when I try to open a connection.
I'm not sure what I can check more. According to the MySql documentation, I need at least the following permissions: System.Net.SocketPermission, System.Security.Permissions.ReflectionPermission, System.Net.DnsPermission, and System.Security.Permissions.SecurityPermission
In my trust level I these:
<IPermission
class="SocketPermission"
version="1"
Unrestricted="true">
</IPermission>
<IPermission
class="ReflectionPermission"
version="1"
Flags="RestrictedMemberAccess"/>
<IPermission
class="DnsPermission"
version="1"
Unrestricted="true"/>
<IPermission
class="SecurityPermission"
version="1"
Flags="Execution,ControlPrincipal,ControlThread,SerializationFormatter"/>
As far as I can see in the documentation, this is enough. Also tried to set the SecurityPermission and ReflectionPermission to unrestricted, this didn't help.
Do you have any ideas?
Solution
MySqlClientPermission has to be added to the medium trust config as SecurityClass and IPermission. My web_mediumtrust.config addition is:
<SecurityClass Name="MySqlClientPermission"
Description="MySql.Data.MySqlClient.MySqlClientPermission,
MySql.Data, Version=6.5.4.0, Culture=neutral,
PublicKeyToken=c5687fc88969c44d"
/>
<IPermission class="MySqlClientPermission" version="1">
<add connectionString="Server=;Database=;User=;Password=;Port=;Pooling=;"
restrictions=""
KeyRestrictionBehavior="PreventUsage" />
</IPermission>
As also posted on http://www.saotn.org/mysql-connector-net-6-5-partial-trust/
OTHER TIPS
Every time your code opens a MySqlConnection, the MySql client makes a demand for MySqlClientPermission on the connection string. Your application must have this permission, regardless of whether the MySql client assemblies are in the GAC or not.
The permissions listed at http://englishebook.info/1/software-to-download/656-running-connectornet-65-inside-medium-trust-level (the ones that you've mentioned in your question) are the ones need by the MySql client assemblies, not the ones needed by your ASP.NET application. To allow your application to use MySql, you will need to grant it MySqlClientPermission.
