C# Winforms - Trying to display OpenFileDialog by adding FileDialogPermission to AppDomainSetup

Question

I'm trying understand Sandboxing in .Net4.0 but stumbled over this problem and unsure how to get around it within a C# Windows Form application.

Within solution explorer I have 2 projects. The first project simply contains a Winform with a single button on it. When I click the button, the code is meant to call the second project and open up an OpenFileDialog control. I'm not doing any file reads at all..just trying to simple display of the OpenFileDialog control. I am running under administrator priveleges but still receiving the following error message:

System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Help would be appreciated, here's the actual code:

 //Project 1:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Security;
using System.Security.Permissions;
using ClassLibrary1;

namespace DeleteSandboxing
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

        private void button1_Click(object sender, EventArgs e)
        {
            //STEP1 - Setup the "PermissionSet"
            PermissionSet permSet = new PermissionSet(PermissionState.None);



            permSet.AddPermission(newSecurityPermission
            (SecurityPermissionFlag.Execution));

            permSet.AddPermission(new UIPermission(UIPermissionWindow.AllWindows));
            permSet.AddPermission(new  
            FileDialogPermission(FileDialogPermissionAccess.Open));

            //STEP2 - Setup the "AppDomainSetup"
            AppDomainSetup objSetup = new AppDomainSetup();
            objSetup.ApplicationBase =    
            AppDomain.CurrentDomain.SetupInformation.ApplicationBase;

            //STEP3 - Create the "AppDomain"
            AppDomain domain = AppDomain.CreateDomain("New domain name", 
            AppDomain.CurrentDomain.Evidence, objSetup, permSet);


            //STEP4 - Call "ShowDialog()" via the interface i1.
            Interface1 i1 =
            (ClassLibrary1.Class1)domain.CreateInstanceFromAndUnwrap("ClassLibrary1",  
            "ClassLibrary1.Class1");

            i1.ShowDialog();

        }
    }
}


//Project 2:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Runtime.CompilerServices;
using System.Reflection;


namespace ClassLibrary1
{

    public class Class1:MarshalByRefObject,Interface1
    {
        public void ShowDialog()
        {
            OpenFileDialog obj = new OpenFileDialog();
            obj.ShowDialog();
        }
    }

    public interface Interface1
    {
        void ShowDialog();
    }
}

Answer 1

Your problem is that you added permissions for the OpenFileDialog but you didn't assign any FileIOPermission so by nature the dialog wants some file access permissions. You can assign this permnission to your PermissionSet object a couple different ways:

If you want unrestricted file open access within your OpenFileDialog:

    permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));

If you want to give only file open access to a specified path(s):

    permSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, "path_name"));

With this type of permission you would also need to set the default directory of the OpenFileDialog;

    OpenFileDialog obj = new OpenFileDialog();
    obj.InitialDirectory = "path_name_defined_in_permissions";
    obj.ShowDialog();

You may also need to change the assembly name in "Step 4" to reflect the file extension:

         Interface1 i1 =
        (ClassLibrary1.Class1)domain.CreateInstanceFromAndUnwrap("ClassLibrary1.dll",
        "ClassLibrary1.Class1");

I needed to make this change to get mine working, but that just may be due to the fact that I'm using a network folder for my development path. Hope that helps!