.NET Security Policies
Previous Top Next


My application crashes when I run from a Network drive, Internet Download Link, or other location but works from my c:\

In order to allow your .NET application to run from Network paths or directly from the Internet Explorer Temporary directory, you need to adjust the security permissions for the .NET Framework. How to accomplish this:

Applications that do not use Thinstall to link with the .NET Framework:
Each user needs individually adjust their security settings using the control panel (see instructions below).

Applications that use Thinstall to link with the .NET Framework:
You can adjust the security level on your development computer to permit any type of execution you want, then link the EXE using Thinstall and the security settings from your development computer will be "frozen" into the EXE you build. In this manner, end users do not need to make any modifications to their computer.

On your development computer, Thinstall links the current version of your .NET Security policy with your EXE when "Link .NET Framework" or "Import .NET Framework" options are selected. This file will show up in your project as "security.config" like this:


clip0364

To adjust the security policy on your development computer follow these steps:

Start Menu -> Control Panel -> Administrative Tools -> Microsoft .NET Framework 1.1 Wizards Shortcut
clip0366

Select "Adjust .NET Security"
clip0367

Select "Make changes to this computer"
clip0368

For each Zone, change the level of trust to "Full Trust".

Making these changes will modify the security.config file located under c:\windows\microsoft.net\framework\v1.1.4322\config. This file is "frozen" into your EXE at the time of build. You will likely want to change your security settings back to default after building your EXE to prevent accidental security compromise on your development machine. For the most part allowing execution of .NET code from a network drive does not present a major security risk and this setting may be left on as you see fit.

FAQ About security settings

Q: If I ship an application that has "full trust" security settings enabled, does this open security holes on the end user's machine?
A: No. The security settings included in your EXE will only apply to your application, and not to the user's computer in general. You are giving your application full permission to do anything it wants, but any other .NET applications on the user's computer will be restricted to using the system security configuration.