Policy Assemblies Headaches

Have you also encountered this error message when you are trying to add an assembly to the policy assembly list in ‘mscorcfg.msc’ saying that your assembly is not strong named?? I mean – you can only add assemblies from the GAC – i wonder how my assemblies make it in the GAC without having a strong name??? So this is clearly a bug of the tool.

I observed this behaviour on 1.1 and 2.0 and it happens randomly.

What always works, is to add the assembly programmatically – so i wrote this little tool, which may be also helpful for installation packages, whatever. enjoy.

using System;

using System.Reflection;

using System.Collections;

using System.Security.Permissions;

using System.Security.Policy;

using System.Security;


namespace LeastPrivilege.Tools


  class Program


    static void Main(string[] args)


      IEnumerator policyLevelEnumerator = SecurityManager.PolicyHierarchy();

      while (policyLevelEnumerator.MoveNext())


        PolicyLevel lvl = (PolicyLevel)policyLevelEnumerator.Current;

        if (“Machine” == lvl.Label)


          AssemblyName asm = AssemblyName.GetAssemblyName(args[0]);

          StrongNamePublicKeyBlob snpkb =
new StrongNamePublicKeyBlob(asm.GetPublicKey());

          StrongName sn = new StrongName(snpkb, asm.Name, asm.Version);





          foreach (StrongNameMembershipCondition snmc in lvl.FullTrustAssemblies)










This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s