The FileSystemWatcher class and medium trust.

August 7, 2007

3 minute read

This morning I sat down and started looking at why Community Server Enterprise Reporting was having problems running under medium trust. I kept on thinking something is majorly wrong if Community Server can run under medium trust and we can’t. I figured that all the reflection we use in Community Server Enterprise Reporting was causing the problems. Then I remembered that Community Server uses reflection. If Community Server uses reflection in a couple places then that’s not the reason Enterprise Reporting is blowing up. I decided I better do some research.

I started reading a document I found on MSDN. I was quite shocked when I read the following line: Medium trust applications have no registry access, no event log access, and no ability to use reflection (How To: Use Medium Trust in ASP.NET 2.0). A part of this statement is incorrect because one can use reflection to a certain extent under medium trust. In this case, the only thing reflection can’t accomplish is getting access to protected members. Please note, that this document is being updated as we speak.

Now that I know we don’t ever try accessing protected members in our reflection code, I can take that off the list. Next, I decided that I should check out the FileSystemWatcher class. Anything that watches a whole directory for you has to be doing some sketchy black magic under the hood ;). As it turns out this was the root cause of the trust issue. After reviewing the documentation for FileSystemWatcher class I noticed the following:

NET Framework Security
SecurityPermission for calling members of ProcessStartInfo. Demand value: LinkDemand; Named Permission Sets: FullTrust.
SecurityPermission for deriving from the ProcessStartInfo class. Demand value: InheritanceDemand; Named Permission Sets: FullTrust.

After looking in Reflector at the FileSystemWatcher class, my guess is the reason the class requires full trust is that it uses pointers. Since pointers are classified as unsafe code, the class is automatically needs full trust to run.

The Workaround

Please note that there is always more than one work around to any given problem. This is how I accomplished getting the same functionality that the FileSystemWatcher offered, while running under medium trust.

I knew from the start that I would only ever be checking one file and not a whole directory. Knowing this I created a Timer (from System.Timers), and set the interval to ten seconds.

Timer myTimer = new Timer(10000);
myTimer.Elapsed += WatchFileTimer_Elapsed;
myTimer.Enabled = true;

Every ten seconds I checked inside the Elapsed event to see when the last time that file was modified. The code is pretty simple and the most importantly it runs under medium trust!

FileInfo fi = new FileInfo(file);

int result = DateTime.Compare(fi.LastWriteTimeUtc, DateTime.UtcNow.AddSeconds(-10));
if (result > 0) {}

PS. If you have a better solution to this problem, let me know because I am always willing to learn something new.

Read the complete post at telliterns.com/blaken/archive/2007/08/07/the-filesystemwatcher-class-and-medium-trust.aspx

Join the mailing list

Get notified of new posts and related content to your inbox. I will never sell you anything and I will NEVER sell your email address.

blog

Home

Home Automation

Programming

Reviews

Public Speaking

About

Recent Posts

How-to get notifications when your mailbox is opened

Disturbing trends in smart home products and services

Securing smart home devices with ESPHome and Home Assistant

Building and maintaining a smart home presentation