Share via

Executing a simple C# CGI.exe from IE address bar throws error

  • Article

Not that I recommend CGI, but recently I found an interesting issue. Whenever we tried to execute an CGI exe from the IE address bar directly (https://localhost/cgiapps/ConsoleCGIApp.exe), it used to throw an error message like...

Unhandled Exception: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) at System.Security.CodeAccessPermission.Demand() at System.Environment.GetEnvironmentVariable(String variable) at CGITest.Class1.Main(String[] args) The action that failed was: Demand The type of the first permission that failed was: System.Security.Permissions.EnvironmentPermission The first permission that failed was: The demand was for: The granted set of the failing assembly was: The assembly or AppDomain that failed was: ConsoleApplication1, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null The method that caused the failure was: Void Main(System.String[]) The Zone of the assembly that failed was: Internet The Url of the assembly that failed was: file://?/c:/inetpub/wwwroot/ConsoleAp.exe

I was pretty sure that it was due to Code Access Security but to my amazement, running caspol -s off didn't fix the issue (it was not a resolution but I just wanted to check)!

Then, I gave fulltrust to my Local Intranet zone and added https://localhost to my Local Intranet zone and it didn't helped either.

Finally, I did the following to resolve the issue...

1. I was running .NET Framework 2.0 on my root website.
2. Open Start->Control Panel->Administrative Tools->Microsoft .NET Framework 2.0 Configuration
3. Expanded My Computer->Runtime Security Policy->Machine->Code Groups->All_Code
4. Right click All_Code and select New.
5. Create a new code group and give a Name. Say "CGIs on this box" and Click Next
6. Choosed the condition type for this code Group should point to "URL"
7. Type file:////<Your path to the CGI's folder\*>. In my case it was file:////c:\inetpub\wwwroot\CGIApp\* and click Next
8. Use Existing Permission set should be set to "FullTrust".
9. Click Next and then Finish.
10. Your CGI application should work correctly now from the browser provided you have enabled "All unknown CGI extensions" from the Web Service Extensions.

I know this is a workaround, but I am still unable to figure out that if it is related to CAS (which I am sure it is), why didn't it work when I turned it off. If anyone reading this knows the reason, I would really appreciate if you could let us know!!!

In the meantime... I hope this helps :o)

Cheers,
Rahul