SecurityException was unhandled by user code .Request for the permission of type 'System.Security.Permissions.FileIOPermission

I am trying to migrate my MOSS 2007 web parts to a SharePoint 2010 environment.

My environment is a Windows Server 2008 64Bit, Visual Studio 2008 and SharePoint 2010.

On adding the web parts to a SharePoint 2010 site behind the scene, it is accessing the configuration file of log4net, and doing so it's producing an error saying "SecurityException was unhandled by user code".

It is getting while running this line of code :

FileInfo fi = new FileInfo(log4netConfigFilePath);

Exact error from Exception Type:

"Request for the permission of type 'System.Security.Permi开发者_C百科ssions.FileIOPermission
   , mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
   failed."

This is the stack trace:

at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessPermission.Demand()
   at System.IO.FileInfo..ctor(String fileName)
   at ProjectWorld.Logging.LogManager.Configure()
   at ProjectWorld.Logging.LogManager.EnsureConfiguration()
   at ProjectWorld.Logging.LogManager.GetLogger(WebPart webPart)
   at ProjectWorld.WebParts.PRSWebParts.QBWebPart..ctor()
   at T_c39ca68b_5b0a_4d36_b052_e470116a6771.CreateInstance()
   at System.Web.HttpRuntime.FastCreatePublicInstance(Type type)
   at System.Web.UI.WebControls.WebParts.WebPartManager.ImportWebPart(XmlReader reader, String& errorMessage)

I tried running this code under Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges, but it also produced this error.

Please help me solve this error.

We had the exact same issue and resolved it by placing the initialization of the log4net config file info outside the constructor inside the OnInit method.

This also applied to private global variables (with a very similar exception) such as:

private readonly SPList _projectList = SPContext.Current.Web.GetList(SPContext.Current.Web.ServerRelativeUrl + "/Lists/Inquiries");

Set the web.config of your application to run with full trust. ()

It would be better to change the code and assign the privilege (see Code Access Security documentation) and deploy a custom trust file along with your application.