SharePoint Code Access Security-requirements to call Page.TemplateControl.ParseControl

Question

Hi,

What are the CAS policy requirements to call the method Page.TemplateControl.ParseControl as referenced here? http://msdn.microsoft.com/en-us/library/kz3ffe28(loband).aspx

Specifically, in SharePoint I've tried to call the method in a Minimum-trust environment, but get this error on the page:

Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

However, in a Medium-trust environment, no problems.

Thanks!

Answer 1

The quickest way to work this out would be: 1) Make a copy of the medium-trust file 2) Add the trust entry to the web.config file and make that the trust level. 3) Start removing entries from the copied trust manifest, following by refreshing the page which is doing the Page.TemplateControl.ParseControl. When you find a permission removal that breaks the page, make a note of it. 4) Repeat the process until you formulate the minimal ammount of permissions required by this page. 5) Compare these with your custom trust file, add the missing permissions one by one and then it should just start working.

Generally: SharePoint requires some permissions that make you question what good you custom CAS policy file is to the security of the system. CAS policies file feature is turned off by default in .Net 4 which indicates that Microsoft is ditching the way that security permissions are currently managed. Thought SharePoint 2010 requies .Net 3.5 so I don't think these CAS policy issues with SharePoint are going away any time soon.