Search code examples
c#mysqlmysql-connectorsecurityexceptionpartial-trust

MySql.Data in GAC, still SecurityException

I have a problem with MySql.Data in a partial trusted environment. I've added MySql.Data to the GAC (by installing it with the MSI from the mysql.com site). As you can see here:

>gacutil /l | grep -i mysql
  MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d,
 processorArchitecture=MSIL
  MySql.Data.CF, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c4
4d, processorArchitecture=MSIL
  MySql.Data.Entity, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc889
69c44d, processorArchitecture=MSIL
  MySql.Web, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d,
processorArchitecture=MSIL

>

I've add the following to my web.config:

<configuration>
    <system.web>
      <trust level="Vevida"/>
      <compilation debug="true" targetFramework="4.0">
        <assemblies>
          <add assembly="MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"/>
        </assemblies>
      </compilation>
    </system.web>    
</configuration>

But I still get the following exception: Exception Details: System.Security.SecurityException: Request for the permission of type 'MySql.Data.MySqlClient.MySqlClientPermission, MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d' failed.

It is thrown when I try to open a connection.

I'm not sure what I can check more. According to the MySql documentation, I need at least the following permissions: System.Net.SocketPermission, System.Security.Permissions.ReflectionPermission, System.Net.DnsPermission, and System.Security.Permissions.SecurityPermission

In my trust level I these:

<IPermission
    class="SocketPermission"
    version="1"
    Unrestricted="true">
</IPermission>
<IPermission
    class="ReflectionPermission"
    version="1"
    Flags="RestrictedMemberAccess"/>
<IPermission
    class="DnsPermission"
    version="1"
Unrestricted="true"/>
<IPermission
    class="SecurityPermission"
    version="1"
    Flags="Execution,ControlPrincipal,ControlThread,SerializationFormatter"/>

As far as I can see in the documentation, this is enough. Also tried to set the SecurityPermission and ReflectionPermission to unrestricted, this didn't help.

Do you have any ideas?

Solution

  • MySqlClientPermission has to be added to the medium trust config as SecurityClass and IPermission. My web_mediumtrust.config addition is:

    <SecurityClass Name="MySqlClientPermission"
  Description="MySql.Data.MySqlClient.MySqlClientPermission,
  MySql.Data, Version=6.5.4.0, Culture=neutral,
  PublicKeyToken=c5687fc88969c44d"
/>

<IPermission class="MySqlClientPermission" version="1">
  <add connectionString="Server=;Database=;User=;Password=;Port=;Pooling=;"
    restrictions=""
    KeyRestrictionBehavior="PreventUsage" />
</IPermission>

    As also posted on http://www.saotn.org/mysql-connector-net-6-5-partial-trust/