I suggest you ...

provide binaries with AllowPartiallyTrustedCallersAttribute

Since people do use Castle in medium trust scenarios and building whole stack manually is not the easiest and funniest thing to do, especially given you can't really do it in one go, I suggest we provide medium trust-compatible version of Castle assemblies in binary form, ready to use.

26 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Krzysztof KoźmicAdminKrzysztof Koźmic (Admin, Castle Project) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Krzysztof KoźmicAdminKrzysztof Koźmic (Admin, Castle Project) responded  · 

    it is now possible to get APTCA version of castle libraries via horn project:
    “horn -install:castle.activerecord -version:2.1.2 -mode:aptca”

    please notice that these are not officially supported builds

    11 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • N!ckyN!cky commented  ·   ·  Flag as inappropriate

        I am having trouble finding the right link to the Horn Project . Can someone help me out with the right link?

      • Dave SykesDave Sykes commented  ·   ·  Flag as inappropriate

        Hi Guys,

        When I try
        "horn -install:castle.activerecord -version:2.1.2 -mode:aptca"

        horn terminates with the following error
        Unhandled Exception: Horn.Core.MissingBuildFileException: No build file component castle.activerecord at path C:\hornget\.horn\ioc\castle.activerecord.
        at Horn.Core.PackageStructure.BuildFileResolver.Resolve(DirectoryInfo buildFolder, String fileName) in e:\horn\.horn\builders\horn\Working\src\Horn.Core\PackageTree\BuildFileResolver.cs:line 31
        ....

        Looking in the C:\hornget\.horn\builders\horn\Working folder it appears to be empty.

        If I remove the version switch, which I guess will take the head revision then all builds fine. Any ideas anyone?

        I'm on Windows 7 ultimate x64

        Dave

      • BSPBSP commented  ·   ·  Flag as inappropriate

        Saw that in the discussion group Mauricio. Please join into the group discussion if you can inform me how to use that link. I'm admittedly an OSS n00b, but if I can download the APTCA binaries from there, I'll jump through any hoops necessary (including installing GIT, which it looks like I need for Horn). I've been trying to get this going by buiding the source from subversion. If I'm doing things the hard way, please let me know, because i have yet to get a successful build.
        Thanks,
        B

      • BSPBSP commented  ·   ·  Flag as inappropriate

        This would be great for those of us running our sites on providers who only provide medium trust. Looks like the transparency model may be the solution in future versions, but for those of us needing a solution now, providing the binaries with partial trust turned on would save us a ton of research and build time. This is a difficult problem to diagnose for the uninformed.
        Best Regards,
        B

      • sweeperqsweeperq commented  ·   ·  Flag as inappropriate

        Most shared hosting providers run in Medium Trust which prevents potential users from utilizing Castle assemblies out of the box. I read a lot of discussion on why people did not want APTC enabled by default (security, support, etc.). I'm wondering though...if you are running a web app in Full Trust so that Castle works, aren't you also taking a security risk? After all, you are opening up your web app and giving it access to resources beyond the scope of the application (e.g. accessing files outside of web root).

        Is there any another way to use Castle in Medium Trust besides adding APTC attributes? How are other people running Castle but keeping the application isolated?

      • Jonathon RossiAdminJonathon Rossi (Admin, Castle Project) commented  ·   ·  Flag as inappropriate

        In 2008, we had a discussion about publishing binaries with APTCA and were against it because we couldn't and still cannot do a proper security audit:
        http://groups.google.com/group/castle-project-devel/browse_thread/thread/33a891ce7da71225/f6bd971e33a54a9c

        The way to go is the transparency model, it is much simpler than CAS and it is what CoreCLR/Silverlight uses:
        http://msdn.microsoft.com/en-us/magazine/cc765416.aspx

      Feedback and Knowledge Base