Luke Ryan Jernejcic

IIS Exception: System.Security.SecurityException… fail

June 27, 2012

I was trying to push some updates for a website to the production machine. After pasting the new files into the web directory, I hit the site and got this error:

Exception Details: System.Security.SecurityException: Request for the permission of type ‘System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089′ failed.

I found this post on an MSDN blog. To sum it up, the NTFS file system is tracking where the file came from, and I downloaded my zip file through Internet Explorer (also tried through FireFox but same issue).

Solutions:

  1. That first post and many other said that after deploying the files, right click on the DLL’s, and if the file is one of the ones causing your problem you see “Security: This file came from another computer and might be blocked to help protect this computer.” and an “Unblock” button to the right. Click the “Unblock” button and then search out any other files and repeat.
    Lots of people found this solution to work. I on the other hand did not. It seems that it was not saving my settings as with every view of the file properties it was showing the file as still blocked (and more importantly IIS was still choking). The next solution is what worked for me.
  2. NTFS is basically setting a “Zone” flag. So what we can do is reset the zone flag. Open a command prompt, navigate to where your zip file (or any file you want to remove the zone from) and run this command:
  echo. > my_blocked_file.zip:Zone.Identifier

Then copy and paste you files as usual. Totally worked for me. None of the files were showing up as blocked and IIS ran fine. Credit for this solution due to this StackOverflow article (nothing new there).


Written by Luke Ryan Jernejcic who lives and works in Austin Texas building useful things. Follow him on Twitter