The FileSystemWatcher class and medium trust.

This morning I sat down and started looking at why Community Server Enterprise Reporting was having problems running under medium trust. I kept on thinking something is majorly wrong if Community Server can run under medium trust and we can't. I figured that all the reflection we use in Community Server Enterprise Reporting was causing the problems. Then I remembered that Community Server uses reflection. If Community Server uses reflection in a couple places then that's not the reason Enterprise Reporting is blowing up. I decided I better do some research.

 I started reading a document I found on MSDN. I was quite shocked when I read the following line: "Medium trust applications have no registry access, no event log access, and no ability to use reflection" ( How To: Use Medium Trust in ASP.NET 2.0 ).  A part of this statement is incorrect because one can use reflection to a certain extent under medium trust. In this case, the only thing reflection can't accomplish is getting access to protected members.  Please note, that this document is being updated as we speak.

Now that I know we don't ever try accessing protected members in our reflection code, I can take that off the list. Next, I decided that I should check out the FileSystemWatcher class. Anything that watches a whole directory for you has to be doing some sketchy black magic under the hood ;). As it turns out this was the root cause of the trust issue. After reviewing the documentation for FileSystemWatcher class I noticed the following:

NET Framework Security

·         SecurityPermission  for calling members of ProcessStartInfo. Demand value: LinkDemand; Named Permission Sets: FullTrust.

  • SecurityPermission for deriving from the ProcessStartInfo class. Demand value: InheritanceDemand; Named Permission Sets: FullTrust.

After looking in Reflector at the FileSystemWatcher class, my guess is the reason the class requires full trust is that it uses pointers.  Since pointers are classified as "unsafe" code, the class is automatically needs full trust to run.

The Workaround

Please note that there is always more than one work around to any given problem.  This is how I accomplished getting the same functionality that the FileSystemWatcher offered, while running under medium trust.

I knew from the start that I would only ever be checking one file and not a whole directory. Knowing this I created a Timer (from System.Timers), and set the interval to ten seconds.

 

Timer myTimer = new Timer(10000);

myTimer.Elapsed += WatchFileTimer_Elapsed;

myTimer.Enabled = true;
 

Every ten seconds I checked inside the Elapsed event to see when the last time that file was modified. The code is pretty simple and the most importantly it runs under medium trust!
 

FileInfo fi = new FileInfo(file);                                             

int result = DateTime.Compare( fi.LastWriteTimeUtc, DateTime.Now.ToUniversalTime().AddSeconds( -10 ) );

 

if (result > 0)

{
 

PS. If you have a better solution to this problem, let me know because I am always willing to learn something new.

Read the complete post at http://telliterns.com/blaken/archive/2007/08/07/the-filesystemwatcher-class-and-medium-trust.aspx


Posted Aug 07 2007, 07:18 PM by Blake Niemyjski's Blog |
windowscoding.com;
Copyright © 2008 Windows Coding
Microsoft and Microsoft logo's are trademarks of Microsoft Corporation.