.NET ActiveX Permission Problem

[markoueis]

I've signed my activeX control with a public key (strong name). I've
set up the client machine to grant full trust to code signed with that
public key. I did this using the .NET Configuration 1.1 Tool -->
Runtime Security Policy --> Machine --> Code Groups --> All Code -->
New() --> Membership Condition = StrongName.

Yet, when the IE browser runs the activeX control and I click on a
button that tells the activeX control to run notepad on the client
machine, i get the Microsoft .NET Framework permission denied box.

However, If I change the membership condition type from strong name to
Site, and put it the corresponding website, then it works. This would
seem to indicate to me that the key is just not correct. However, if i
do the same thing, but with an EXE instead, it works based on the
strong name alone. (with no strong name it doesn't work but with strong
name it does). So why isn't the dll running in the correct code group?

Can anyone tell me what's so special about activeX ddls and how do i
fix this? It should be able to work through the strong name.

Help

Mark

 

[markoueis]

Does anyone have an answer? Anyone have any hints at least?

Mark

 

[Nicole Calinoiu]

The basic reason behind this is that IEExec is evaluating your assembly
evidence before it loads the assembly, so it doesn't use the strong name.
For more details and some workarounds, see
http://blogs.msdn.com/shawnfa/archive/2003/06/26/57026.aspx.