VSTO Security - cannot run or debug any VSTO documents
cappy
from a local directory (should have FullTrust), but no matter what I
try I cannot get it to run. Excel simply flashes for a second on the
screen and exits. If I try to open the generated .xls I always get:
"The current .NET Security Policy does not permit [VSTO-generated
.xls] to run from .\[VSTO Solution directory}_bin\. Do not change the
security policy in your computer... etc..."
Here is what I have installed:
[1] VS.NET 2003/VS.NET 2005 Tech Preview
[2] XP sp2
[3] registered msosec.dll in gac
[4] VSTO
First of all, the Office Projects code group was only given Execution
rights on installation. I thought it was supposed to get FullTrust (a
sp2 thing?) or is it only supposed to get Execution trust and the
assemblies get FullTrust? Here is the output from 'caspol -a -lg' on
my machine (before creating a VSTO solution):
>caspol -a -lg
Microsoft (R) .NET Framework CasPol 1.1.4322.573
Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
Security is ON
Execution checking is ON
Policy change prompt is ON
Level = Enterprise
Code Groups:
1. All code: FullTrust
Level = Machine
Code Groups:
1. All code: Nothing
1.1. Zone - MyComputer: FullTrust
1.1.1. StrongName - [BIG NUMBER]: FullTrust
1.1.2. StrongName - 00000000000000000400000000000000: FullTrust
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web.
1.2.2. All code: Same directory FileIO - Read, PathDiscovery
1.3. Zone - Internet: Internet
1.3.1. All code: Same site Web.
1.4. Zone - Untrusted: Nothing
1.5. Zone - Trusted: Internet
1.5.1. All code: Same site Web.
Level = User
Code Groups:
1. All code: FullTrust
1.1. All code: Nothing
Success
Here are the steps I have taken:
[0] make sure NO Office applications are running (to make sure they
get any caspol updates)
[1] create new Excel workbook VB Microsoft Office System Application -
use all defaults (create new workbook, allow system to update security
settings to allow workbook to run, etc...)
[2] compile it
[3] hit F5
[4] nothing - Excel flashes by for a second then the application exits
[5] turn on *all* exceptions in debugger
[6] F5 again
[7] same result; no exceptions pop up in debugger, no workbook
displays
[8] check caspol for my system now:
[all Enterprise and Machine settings same as above]
Level = User
Code Groups:
1. All code: FullTrust
1.1. All code: Nothing
1.1.1. Url - file://C:/dev/src/Sandbox/cpopp/ExcelProject1/ExcelProject1/ExcelProject1_bin/*:
Execution
1.1.1.1. Url -
file://C:/dev/src/Sandbox/cpopp/ExcelProject1/ExcelProject1/ExcelProject1_bin/ExcelPr
oject1.dll: FullTrust
Success
Here's the caspol output for specific assembly for the solution:
>caspol -rsg .\ExcelProject1_bin\ExcelProject1.dll
Microsoft (R) .NET Framework CasPol 1.1.4322.573
Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
Level = Enterprise
Code Groups:
1. All code: FullTrust
Level = Machine
Code Groups:
1. All code: Nothing
1.1. Zone - MyComputer: FullTrust
Level = User
Code Groups:
1. All code: FullTrust
1.1. All code: Nothing
1.1.1. Url - file://C:/dev/src/Sandbox/cpopp/ExcelProject1/ExcelProject1/ExcelProject1_bin/*:
Execution
1.1.1.1. Url -
file://C:/dev/src/Sandbox/cpopp/ExcelProject1/ExcelProject1/ExcelProject1_bin/ExcelPr
oject1.dll: FullTrust
Success
[9] checked EventLog - nothing
[10] go to new solution directory, attempt to open generated workbook
[11] get the dreaded:
"The current .NET Security Policy does not permit [VSTO-generated
.xls] to run from .\[VSTO Solution directory}_bin\. Do not change the
security policy in your computer... etc..."
I have done/read everything I can find:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dv
wrc
ore/html/wroritroubleshootinginofficeatruntime.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dv
wrc
ore/html/wrtskgrantingpermissionstofoldersassemblies.asp
Tried using 'OfficeDocumentMembershipCondition' discussed here:
http://weblogs.asp.net/ptorr/archive/2003/09/25/56217.aspx
Went through detailed 'Successfully debugging VSTO Projects' blog post
here:
http://weblogs.asp.net/ptorr/archive/2003/10/06/56250.aspx
I tried granting FullTrust to the root of 'c:\' and all
subdirectories:
(something like) caspol -m -ag 1.1 -url c:\* FullTrust -n "DELETE_ME"
-d "Full trust to
C:"
The strange thing is, I used the VSTO framework when it first was
released with no problems. This is driving me crazy. Any ideas would
be appreciated and I apologize if I missed something obvious.
Cappy Popp
caspol manually for Whidbey to get VSTO applications to run. I can now open
the actual documents, but still cannot debug them.
Detailed explanation:
Realizing I have VS.NET 2005/Whidbey installed (Tech Preview 1 I believe:
build 40426), I thought maybe this had something to do with it. I came across
this thread:
...which basically explains that if you have Whidbey installed, you need to
manually add your own code groups and trust levels for Office applications.
It appears that Office apps load/bind the latest version of the runtime
installed. So, I went to mscorcfg.msc for Whidbey and duplicated the entries
from my v1.1 configuration exactly. Here is what my Whidbey caspol output now
shows:
>caspol -a -lg
Microsoft (R) .NET Framework CasPol 2.0.40426.16
Copyright (C) Microsoft Corporation. All rights reserved.
Security is ON
Execution checking is ON
Policy change prompt is ON
Level = Enterprise
Code Groups:
1. All code: FullTrust
Level = Machine
Code Groups:
1. All code: Nothing
1.1. Zone - MyComputer: FullTrust
1.1.1. StrongName - [BIG NUMBER]: FullTrust
1.1.2. StrongName - 00000000000000000400000000000000: FullTrust
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web
1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery'
1.3. Zone - Internet: Internet
1.3.1. All code: Same site Web
1.4. Zone - Untrusted: Nothing
1.5. Zone - Trusted: Internet
1.5.1. All code: Same site Web
1.6. Application: Nothing
1.6.1. All code: Same site Web
1.6.2. All code: Same directory FileIO - 'Read'
Level = User
Code Groups:
1. All code: FullTrust
1.1. All code: Nothing
1.1.1. Url -
file://C:/dev/src/Sandbox/cpopp/ExcelProject1/ExcelProject1/ExcelProject1_bin/*: Execution
1.1.1.1. Url -
file://C:/dev/src/Sandbox/cpopp/ExcelProject1/ExcelProject1/ExcelProject1_bin/ExcelPr
oject1.dll: FullTrust
Success
I can now at least *open* the .xls files without the security error;
however, I still cannot debug them. Excel still flashes onscreen for a moment
and then disappears. I never see the worksheet.
Peter Torr (MS)
news:FC2E20DF-4D09-4256...@microsoft.com...
> I can now at least *open* the .xls files without the security error;
> however, I still cannot debug them. Excel still flashes onscreen for a
> moment
> and then disappears. I never see the worksheet.
Hi,
Unfortunately you cannot debug an assembly hosted by the Whidbey CLR from
the Everett debugger; either you have to manually boot the Whidbey VS IDE
and attach to the process, OR you can use a configuration file to lock Excel
to the Everett CLR.
Place the configuration file in the same folder as Excel.exe and call it
Excel.exe.config.
Peter
--
Please post questions to the newsgroup - everyone benefits.
This post is provided "AS IS" with no warranties, and confers no rights
Sample code subject to http://www.microsoft.com/info/cpyright.htm
Office / Security / Random weblog -- http://weblogs.asp.net/ptorr