Code Access Security problem - what's the issue here?

Question

Background

I have a post-build event which I use to generate some batch files which contain the current version number of our application. The event calls a batch file, which calls a managed app which loads the assembly and uses reflection to find its version information.

Problem

When the post-build event runs locally, every is fine. When it's run under our automated build process, I see the following error in the logs. I know nothing about Code Access Security, and was hoping someone could point out the problem quickly.

call GenerateBatchFiles.bat Q:\MyApp\MyCompany.Services.Hosts.MyApp.exe

       Unhandled Exception: System.Security.SecurityException: Request failed.
          at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed)
          at System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Object assemblyOrString, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed)
          at System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle rmh, Object assemblyOrString, SecurityAction action, Boolean throwException)
          at System.Security.CodeAccessSecurityEngine.CheckSetHelper(CompressedStack cs, PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle rmh, Assembly asm, SecurityAction action)
          at Version.Program.Main(String[] args)
       The action that failed was:
       LinkDemand
       The type of the first permission that failed was:
       System.Security.PermissionSet
       The demand was for:
       <PermissionSet class="System.Security.PermissionSet"
       version="1"
       Unrestricted="true"/>

       The granted set of the failing assembly was:
       <PermissionSet class="System.Security.PermissionSet"
       version="1">
       <IPermission class="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Read="USERNAME"/>
       <IPermission class="System.Security.Permissions.FileDialogPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Unrestricted="true"/>
       <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Read="Q:\MyApp\"
       PathDiscovery="Q:\MyApp\"/>
       <IPermission class="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Allowed="AssemblyIsolationByUser"
       UserQuota="9223372036854775807"
       Expiry="9223372036854775807"
       Permanent="True"/>
       <IPermission class="System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Flags="ReflectionEmit"/>
       <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Flags="Assertion, Execution, BindingRedirects"/>
       <IPermission class="System.Security.Permissions.UIPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Unrestricted="true"/>
       <IPermission class="System.Security.Permissions.UrlIdentityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Url="file:///Q:/MyApp/Version.exe"/>
       <IPermission class="System.Security.Permissions.ZoneIdentityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Zone="Intranet"/>
       <IPermission class="System.Net.DnsPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
       version="1"
       Unrestricted="true"/>
       <IPermission class="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
       version="1"
       Level="DefaultPrinting"/>
       </PermissionSet>

       The assembly or AppDomain that failed was:
       Version, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
       The Zone of the assembly that failed was:
       Intranet
       The Url of the assembly that failed was:
       file:///Q:/MyApp/Version.exe

Answer 1

Which version of the framework are you using? Older versions don't trust network shares much - so you might need to use "caspol" to enable trust (or move the file locally before running it). More recently, the framework does trust mappped shares (such as Q:\), but doesn't trust UNC shares (\\someserver\whatever) without a "caspol" tweak.

The simplest option, though, is to run the exe from a local drive rather than over the network.