MySql.Data in GAC, still SecurityException

问题

I have a problem with MySql.Data in a partial trusted environment. I've added MySql.Data to the GAC (by installing it with the MSI from the mysql.com site). As you can see here:

>gacutil /l | grep -i mysql
  MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d,
 processorArchitecture=MSIL
  MySql.Data.CF, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c4
4d, processorArchitecture=MSIL
  MySql.Data.Entity, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc889
69c44d, processorArchitecture=MSIL
  MySql.Web, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d,
processorArchitecture=MSIL

>

I've add the following to my web.config:

<configuration>
    <system.web>
      <trust level="Vevida"/>
      <compilation debug="true" targetFramework="4.0">
        <assemblies>
          <add assembly="MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"/>
        </assemblies>
      </compilation>
    </system.web>    
</configuration>

But I still get the following exception: Exception Details: System.Security.SecurityException: Request for the permission of type 'MySql.Data.MySqlClient.MySqlClientPermission, MySql.Data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d' failed.

It is thrown when I try to open a connection.

I'm not sure what I can check more. According to the MySql documentation, I need at least the following permissions: System.Net.SocketPermission, System.Security.Permissions.ReflectionPermission, System.Net.DnsPermission, and System.Security.Permissions.SecurityPermission

In my trust level I these:

<IPermission
    class="SocketPermission"
    version="1"
    Unrestricted="true">
</IPermission>
<IPermission
    class="ReflectionPermission"
    version="1"
    Flags="RestrictedMemberAccess"/>
<IPermission
    class="DnsPermission"
    version="1"
Unrestricted="true"/>
<IPermission
    class="SecurityPermission"
    version="1"
    Flags="Execution,ControlPrincipal,ControlThread,SerializationFormatter"/>

As far as I can see in the documentation, this is enough. Also tried to set the SecurityPermission and ReflectionPermission to unrestricted, this didn't help.

Do you have any ideas?

回答1:

MySqlClientPermission has to be added to the medium trust config as SecurityClass and IPermission. My web_mediumtrust.config addition is:

<SecurityClass Name="MySqlClientPermission"
  Description="MySql.Data.MySqlClient.MySqlClientPermission,
  MySql.Data, Version=6.5.4.0, Culture=neutral,
  PublicKeyToken=c5687fc88969c44d"
/>

<IPermission class="MySqlClientPermission" version="1">
  <add connectionString="Server=;Database=;User=;Password=;Port=;Pooling=;"
    restrictions=""
    KeyRestrictionBehavior="PreventUsage" />
</IPermission>

As also posted on http://www.saotn.org/mysql-connector-net-6-5-partial-trust/

回答2:

Every time your code opens a MySqlConnection, the MySql client makes a demand for MySqlClientPermission on the connection string. Your application must have this permission, regardless of whether the MySql client assemblies are in the GAC or not.

The permissions listed at http://englishebook.info/1/software-to-download/656-running-connectornet-65-inside-medium-trust-level (the ones that you've mentioned in your question) are the ones need by the MySql client assemblies, not the ones needed by your ASP.NET application. To allow your application to use MySql, you will need to grant it MySqlClientPermission.

来源：https://stackoverflow.com/questions/9792920/mysql-data-in-gac-still-securityexception