Geek Answers Handbook

Get .NET to consider a specific network resource that will be fully trusted

I have (only) Visual Studio 2010. I am trying to run my unit tests from the command line. All my development work is in my home directory on the Linux server that I shared with Samba. When I try to start NUnit, I get this error:

Unhandled Exception: System.TypeInitializationException: The type initializer for 'NUnit.ConsoleRunner.Runner' threw an exception. ---> System.Security.Security Exception: That assembly does not allow partially trusted callers. at NUnit.ConsoleRunner.Runner..cctor() The action that failed was: LinkDemand The assembly or AppDomain that failed was: nunit-console-runner, Version=2.5.9.10305, Culture=neutral, PublicKeyToken=96d09a1eb7f44a77 The method that caused the failure was: NUnit.Core.Logger GetLogger(System.Type) The Zone of the assembly that failed was: Intranet The Url of the assembly that failed was: file:///Z:/gitrepos/smarties/dependencies/Windows-x86/NUnit-2.5.9.10305/bin/net-2.0/lib/nunit-console-runner.DLL --- End of inner exception stack trace --- at NUnit.ConsoleRunner.Runner.Main(String[] args) at NUnit.ConsoleRunner.Class1.Main(String[] args)

I tried using caspol.exe as described here: Edit and run .NET projects from network shares

 >caspol -addgroup 1.2 -url file:///Z:/* FullTrust -name MyZShare Microsoft (R) .NET Framework CasPol 4.0.30319.1 Copyright (c) Microsoft Corporation. All rights reserved. WARNING: The .NET Framework does not apply CAS policy by default. Any settings shown or modified by CasPol will only affect applications that opt into using CAS policy. Please see http://go.microsoft.com/fwlink/?LinkId=131738 for more information. The operation you are performing will alter security policy. Are you sure you want to perform this operation? (yes/no) yes Added union code group with "-url" membership condition to the Machine level. Success

It has no obvious effect.

In the other instructions, tell me to find the Microsoft.NET Security Policy tool in the "Administration" section of the control panel, but I do not have such a tool. (Is it because I only have Visual Studio 2010 and not earlier versions? I use the 64-bit version of Windows 7 Pro, if that matters.)

I just want .NET to believe that this directory is on my own computer, not on the intranet. I do not want any of this code to be launched from a network share during deployment, only as part of the development. I also do not want to blindly trust all network resources, although even this would be a more acceptable solution than copying everything to a local drive every time I want to run a test.

I would rather not sign anything with strong names at this stage of development. (And I'm not even sure if this will help, as NUnit does not seem to work before it even loaded my assembly.)

EDIT. In the end, it turned out that I was trying to solve the wrong problem. Finding out how to get NUnit to run .NET 4.0 tests without a subprocess, I found this:

http://frater.wordpress.com/2010/05/04/debugging-nunit-tests-under-visual-studio-2010/

It says:

According to this page, you should also add this line under the runtime [in nunit-console.exe.config] element:

<loadFromRemoteSources enabled="true" />

This allows you to download libraries downloaded from a remote site (such as a website) with full trust. I'm not sure why this was necessary and indeed, my application debugged NUnit just fine without it. However, if you have problems, you can try.

This fixed my problem for me without having to guess with caspol.

+7
security visual-studio-2010 nunit
source share
3 answers

This is due to the fact that in .NET 3.5 and below all libraries located on network resources are considered as partial trust. This can be circumvented by using a later version of the framework to run NUnit.

NUnit runners target the v3.5 platform, supposedly for old support. You can check this with the corflags tool that comes with Visual Studio

 > corflags nunit-console.exe Version : v2.0.50727

This means that if you run nunit-console.exe from the command line and you have .NET 3.5 and .NET 4 installed, the v3.5 runtime will be used to run the executable file. You can see this on the console output.

 > nunit-console.exe CLR Version: 2.0.50727.7905 ( Net 3.5 )

The configuration contains the <loadFromRemoteSources enabled="true"/> element, which forces .NET v4 to ignore the caller’s partially trusted error, but this parameter is ignored in older versions of the framework.

To make the application run under .NET 4 or higher, add the following line to the startup section of the application configuration file.

 <supportedRuntime version="v4.0"/>

In my case, I had to add a step to automate the build server to change this change before running the tests in a continuous integration environment.

 desc 'run unit tests' task :tests => :compile do runner_dir = FileList["packages/NUnit.Runners*/tools"].first runner_config = File.join(runner_dir, "nunit-console.exe.config") # running the tests from a network share fails due to code access policy if the # runner is on framework v3.5 or lower. force the runner to use v4.0 or above comment = %<!-- Comment out the next line to force use of .NET 4.0 --> runtime_version = %<supportedRuntime version="v4.0.30319"/> File.write(runner_config, File.read(runner_config).sub(comment, runtime_version)) nunit! :actually_run_tests do |nunit| nunit.command = File.join(runner_dir, "nunit-console.exe") nunit.assemblies = FileList["out/**/*.Tests.dll"] nunit.log_level = :verbose end end
+5
source share

I don’t know what I know about security in .net 4.0 to give you a solution, but I can give some idea of ​​the “missing” Microsoft.net policy tool.

It has been removed in .net 4.0, so any examples related to it are up to .net 4.0. Even if you installed the .NET Framework 2.0 to get "SPT", this will only affect .net 2.0, 3.0, and 3.5 applications.

http://msdn.microsoft.com/en-us/library/2bc0cxhc.aspx

Extensive changes have been made to the security model in .Net 4.0, so you should not trust any documents up to 4.0.

http://msdn.microsoft.com/en-us/library/dd233103.aspx

+2
source share

Are you sure NUnit is running under .NET 4.0 instead of the earlier version of the .NET Framework? (Perhaps earlier versions of the earlier version were installed, even if you did not have earlier versions of Visual Studio installed.) Also, what is the complete command line (including all switch values) that you use to run the NUnit console application?

+1
source share

More articles:


All Articles