I'm trying to run a piece of code in a sandbox. It failed and the problem comes from the part of the code where cache is used.
public void Demo()
{
// Verify that the code is running in a sandbox: the next line is expected to
// fail, since the sandbox doesn't have enough I/O privileges to access H:\.
File.WriteAllText(@"H:\Hello.txt", "Hello");
}
works as expected, i.e. an exception is thrown, showing that "Request for the permission […] FileIOPermission […] failed.".
When I replace the code by a call to the database, again the result is expected: the app is complaining that there are no enough privileges.
If I add the requested privileges, the code is executed with no exception.
If I replace the previous method by:
public void Demo()
{
Cache cache = HttpRuntime.Cache;
File.WriteAllText(@"H:\Hello.txt", "Hello");
}
it stops working: instead of an expected exception complaining about the insufficient I/O permissions, the one which is thrown is System.Security.SecurityException:
That assembly does not allow partially trusted callers.
Is there something to do with this issue, or the cache is not intended to be used in scenarios other than full-trust?
One of the possible ways to use cache inside code running in partial trust is to move the cache object outside the plug-in. Adapter pattern can be used in order for the plug-in to still be able to read and write data from and in cache, while managing the cache by the caller in a full-trust context.
If other people are interested, I illustrated the original issue and the solution in a project published on CodePlex.