ITQuants blog

Sophis Risque: how to verify that the .Net policy is right setted on Sophis assemblies?

Oct 2

Written by:
10/2/2013 5:53 PM  RssIcon

In most cases, when installed on the local hard disk, there is no problem to launch Sophis Risque.

Launching Sophis Risque from a network shared folder is quite a little bit harder, due to the fact that Sophis Risque loads 3 .Net assemblies which have to be registered on the GAC.

Normally, a .bat file is delivered by Sophis for each version in order to register them. It could be that is not always the case. In order to verify that the .bat file corresponds effectively to the assemblies that you have, it is interesting to verify it using some .Net SDK commands.

For example, concerning the SphDotNetSources.dll assembly, the following command will give the .Net strong name which has to be used in the caspol command:

"C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\sn.exe" -Tp SphDotNetSources.dll


This will give in my sample the following key:

Public key token is 799442e4f418bb07


Which has to be used in the following caspol command:

SET DOTNET_FWK_DIR=C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727
rem Sophis
%DOTNET_FWK_DIR%\caspol.exe -q -m -ag All_Code -strong -hex 002400000480000094000000060200000024000052534131000400000100010079D1032D142FDD756ECC4C4ED8582B930591BC5A66148B38858269BBFEA5068AC0947E6DDFFD9961CD1267E7AD0AFCC01D72D117B83C4F96EB32ECD36FF96FAF0AB32BF0F7A4BAF2FAACD1EDA9162E2AE80A5A230A8B9DFAF2E6AC38895F99F3466DCFE6FC7BA309260F0E2CC53683083C50F9816F22D7F1406D4D46181608A7 -noname -noversion FullTrust -n SophisGroup


Same thing for the third parites Telerik assemblies which are used by Sophis Risque.

Finally, the following C# code permits to test if the policy FullTrust is setted on the assembly name:

public bool IsSophisTrusted(string sophisFolder, string assemblyName)
    string path = null;
    PolicyLevel level = null;
    IEnumerator enumerator = null;
    CodeGroup group = null;
    Assembly assembly = null;
    path = sophisFolder;
    path = path +"@\" + assemblyName;
        assembly = Assembly.LoadFile(path);
        enumerator = SecurityManager.PolicyHierarchy();
        while (true)
                if (!enumerator.MoveNext())
                group = ((PolicyLevel) enumerator.Current).ResolveMatchingCodeGroups(assembly.Evidence);
            while (!level.GetNamedPermissionSet(group.PermissionSetName).Name.Equals("FullTrust"));
            return true;
    catch (Exception)
    return false;

Search blog