I have a VB.NET application that works fine when I run it from any folder on my local drive. But
if I try to run it from a networked drive, it fails. The networked drive is a snap server, not a
Windows 2000 server. I don't know if that would make a difference or not?
The fact that you're running an application from a snap server doesn't matter. However, the fact that you're running a .NET application from a network share matters very much. The security settings in .NET are managed by a part of the runtime known as Code Access Security (CAS). In CAS, permissions are awarded to each assembly based on evidence, that is, some characteristic of the assembly itself, rather than the user that's running the assembly. Examples of evidence include what site an assembly is from, what URL was used to load it, what key was used to sign it and, most commonly, what zone an assembly is from. Anything copied to a computer's hard drive and launched via a drive-based path name is from the My Computer zone and is awarded full trust. However, anything from a network share is from the intranet zone, which means that it's awarded partial trust. The permissions awarded to an assembly from the Intranet zone by default are available via the Microsoft .NET Framework Configuration administration tool and shown in Figure 1.
Figure 1: Default permissions for assemblies from the intranet zone
The set of permissions awarded in the intranet zone are certainly greater than those from the Internet zone, to be sure, but are still not everything that a developer may come to expect when running from the My Computer zone. This unexpected limitation coupled with the relative newness of CAS itself and how CAS is applied for applications launched from network shares often lead a developer to be surprised and frankly, hurt as their advanced are spurned by the .NET runtime. They often want to just go back to the honeymoon of the My Computer zone without really understanding the value that the CAS model offers them.
Luckily, this need is so great and so common that I've written an entire article on how to
increase the permissions of an assembly from other than the My Computer zone. It's available as Increasing
permissions for Web-deployed WinForms applications, and attempts to convince you of the value
of the protection that CAS provides before showing you how to turn it off, much as your significant
other may attempt to convince you of the value of settling down before you turn to the arms of
This was first published in January 2003