chevron-thin-right chevron-thin-left brand cancel-circle search youtube-icon google-plus-icon linkedin-icon facebook-icon twitter-icon toolbox download check linkedin phone twitter-old google-plus facebook profile-male chat calendar profile-male
Welcome to Typemock Community! Here you can ask and receive answers from other community members. If you liked or disliked an answer or thread: react with an up- or downvote.
0 votes
Hello,

I began to limit the permissions granted to my assemblies by using SecurityAction.RequestOptional and SecurityAction.RequestRefuse. However I cannot use Typemock for testing partially trusted assemblies. With typemock enabled, an SecurityException saying "That assembly does not allow partially trusted callers." is thrown (the test assembly containing the unit tests is still granted FullTrust). Without typemock everything works fine.

Not only Typemock is affected by that problem. E.g. the Testrunner profiler causes the same issue. In order to make the tests work fine, both need to be disabled. I was also able to reproduce the issue in a clean VMware environment without Testrunner being installed.

I prepared a sample Visual Studio solution, that reproduces the issue. In order to make it work, you have to update the reference to the nunit.framework assembly. Once you have also updated the path to the nunit-console.exe in the project options you can also run the tests by hitting F5. The solution can be downloaded here: http://www.epifiles.de/daten/tmp/TypemockError.zip

Thanks for your assistance

Philipp
asked by philipp (2.9k points)

9 Answers

0 votes
Hi Philip
Thanks for your detailed report.
We are looking into your problem, I'll get back to
as soon as we'll have something.
answered by ohad (35.5k points)
0 votes
Do you require further information?
answered by philipp (2.9k points)
0 votes
Hi
The example you supplied is great and we succeed in creating
the problem but we didn't
found a fix for this problem yet.
answered by ohad (35.5k points)
0 votes
May I delete the file from my webspace?
answered by philipp (2.9k points)
0 votes
Hi
Sure we already downloaded the example.
answered by ohad (35.5k points)
0 votes
Hi Philipp,



I've gone through the code samples, and investigated. Here’s what happens:



When TypeMock is enabled (whether used directly or not), while the code is JITted TypeMock injects instrumentation code (This is done only at runtime, the assembly is not recompiled). When the code is run it calls into TypeMock. And for that it needs permissions. Specifically, it needs SecurityPermission.



When you use:

[assembly: FileDialogPermission(SecurityAction.RequestOptional, Unrestricted = true)]




The RequestOptional part tells the system to refuse any other permissions (other than FileDialog, obviously). In order to call into TypeMock, you need to add the following line in the AssemblyInfo file of your code:

[assembly: SecurityPermission(SecurityAction.RequestMinimum, Unrestricted = true)]



With these two lines, you can run your tests. Now if you want to limit the permission for testing only, you can use it under a #define block. Also, keep in mind that that turning off caspol (The code access security policy tool) is also a valid option. It can be triggered once you start the run, but it always turns on again at the end of the process. You can start the process at the beginning of the build, and kill it at the end, for example.



Let me know if you need additional help.



Gil Zilberfeld

Typemock Support Team
answered by gilz (14.5k points)
0 votes
After having applied the patch you sent me, no SecurityException is thrown any more (by none of the test methods). Instead I get a VerificationException in some tests (not all; most tests run fine now). Sure, with the SkipVerification Permission, this would not happen, but I do not understand why

1) Unverifiable (IL) code is generated.
2) Not every test is affected.
3) All my sample test methods have in common, that they do not make use of TypeMock. Thus, from the TypeMock point of view, they should be all equal. However, the SkipVerification permission is only required by few test methods. All methods requiring SkipVerification permission, have in common, that the return value is generic and the signature contains at least one reference type (but not object).

Example:

// requires SkipVerification
public static TReturn Method<TReturn>(string value) { .. }

// does not require SkipVerification
public static TReturn Method<TReturn>(object value) { .. }
public static TReturn Method<TReturn>(int value) { .. }
answered by philipp (2.9k points)
0 votes
Hi Philipp,

Thanks for your feedback. You have very good questions, and the answer is in how Typemock works.

When Typemock is enabled it uses the profiler's API to intercept calls to the JITter. When a method is JITted, the call is injected with hooks into TypeMock. This hook determines if the current method should be mocked (based on earlier set expectations), and if it should be - then mock the call. Obviously, if there is no use for Typemock in the tests. such as setting expectations, the generated IL doesn't do much. So in that sense, regular code is basically not affected.

However, as you pointed out, this rule should apply to all tests, and all should be affected the same way. After further examination, it looks there might be a bug :evil: in the specific case of calling a generic method with reference types. (Generic types are seemingly do not cause a verification error).

We will investigate this and get back to you, once we resolve this.
answered by gilz (14.5k points)
0 votes
Hi,

Update: The fix for the partially trusted code problem is now part of the 4.2 version, which is available at https://www.typemock.com/Downloads.php.

The unverifiable code issue is still under investigation.
answered by gilz (14.5k points)
...