Loading a dll from a COM executable that is running under a custom user isn't working

[cmalcan]

Hi,

on a Windows Server 2008 x64 machine we are trying to load a dll from a COM executable under a particular local user (added to local Administrators group).

The problem is not caused by the dll itself, because we have written a small program that calls that dll successfully.

We experience the problem from a .NET web application that runs under an AppPool configured with the same custom user. In the web application we get the following error:

System.Runtime.InteropServices.COMException (0x80029C4A): Error loading type library/DLL. (Exception from HRESULT: 0x80029C4A (TYPE_E_CANTLOADLIBRARY))

we were thinking about a permission problem, so we set the full control to that specific user on the folder where the dll is and also on IIS application pool the Web application runs under.

Is there something new in Windows Server 2008 regarding security issues and/or COM dlls?

Thanks in advance.

 

[DelJo63]

Hi,
We experience the problem from a .NET web application that runs under an AppPool configured with the same custom user. In the web application we an error:
...
we were thinking about a permission problem, so we set the full control to that specific user on the folder where the dll is and also on IIS application pool the Web application runs under.

The IIS Pool will cause all apps to run under the same authority as IIS itself which
is designed to avoid security issues. The perms of the Pool should not be changed! If there
is Internet access to this instance of IIS, you have a major security exposure !

INSTEAD, set the Security of the DLL itself. FULL control should not be necessary as
TYPE_E_CANTLOADLIBRARY is a READ/EXEC issue