C# Assembly.LoadFrom(myNetworkPath) throws FileLoadException

Question

I'm developing a small demo that assemble class from DLL file.

This is my code:

string path = @"\\192.168.1.3\shareFolder\testzwm.dll";
Assembly ass = Assembly.LoadFrom(path);

It always throws FileLoadException

However if I change to :

string path = @"C:\testzwm.dll";
Assembly ass = Assembly.LoadFrom(path);

It works.

Does it mean I cannot load dll from network path? I think it doesn't make sense. I have read/write authority in \192.168.1.3\shareFolder

If I change the first path to \192.168.1.3\shareFolder\testzwmWRONG.dll, it throws FileNotFoundException , not the same with FileLoadException.

So I guess it's some security problem

Any help is so appreciated.

------------------EDIT------------------ My project is Windows Form Application.

Answer 1

Add the following to your config file

<configuration>
   <runtime>
      <loadFromRemoteSources enabled="true" />
   </runtime>
</configuration>

In addition read this article http://blogs.msdn.com/b/shawnfa/archive/2009/06/08/more-implicit-uses-of-cas-policy-loadfromremotesources.aspx

Answer 2

While Mike's answer is correct it can have some potentially undesired side-effects. Enabling loadFromRemoteSources changes the security configuration of your entire application to allow loading any remote assembly.

One alternative is to load the content of the file into a byte array, then use Assembly.Load to load it:

public static Assembly LoadRemoteAssembly(string filename)
{
    byte[] asmdata = System.IO.File.ReadAllBytes(filename);
    return Assembly.Load(asmdata);
}

While you are still bypassing application security by tricking the .NET framework into loading an assembly from the network, you aren't opening your application up to every assembly on the network.

It might seem like a trivial difference but if you have to poke holes in your security layers, try to make them little holes.