I posted a rather long reply in newsgroup microsoft.public.dotnet.framework.clr, to help diagnose “Access Denied” error on Assembly Loading.
The error is actually very typical and I saw it quite often internally.
I posted the full text below. Hope it is useful to you.
“Junfeng Zhang[MSFT]” wrote in message news:exfHZKorEHA.2008@TK2MSFTNGP12.phx.gbl…
> It is very hard to diagnose this kind of problems. I have debugged many
> access denied errors. And most of them boil down to the following scenario:
> 1. You enabled shadow copy on the AppDomain.
> 2. You have either Anti-Virus or index service enabled.
> 3. You may have run the applications many times in a relatively short time.
> The reason is related to how fusion does shadow copy. Here is exactly what
> 1. Say you enabled shadow copy on the AppDomain, and you load an assembly.
> Fusion will first copy the assembly to a temporary directory under the
> shadow copy directory, then call MoveFile to move the temporary directory to
> the final location under shadow copy directory. The reason is that we want
> the shadow copy to be atomic. And MoveFile gives us the atomicity.
> 2. If you have Anti-Virus and index service enabled, and you are unlucky,
> after we have copied your assembly to the shadow copy directory, and about
> to call MoveFile, Anti-Virus or index service decides to poke around the
> temporary directory. Now when we call MoveFile, we get the access denied
> Condition (3) is not necessary. But it greatly increases the possiblity of
> the error. When you read/write the same file many many times, it will alert
> the anti-virus.
> The fix is easy, excluding the shadow copy directory from Anti-Virus or
> index service.
> How do you know if you are hitting this scenario?
> First, download File Monitor from http://www.sysinternals.com. Run
> filemon.exe and set the filter to only trace file accesses under shadow copy
> directory. Now run your applications. If you see the Access Denied
> exception, you can stop the filemon tracing. Now search the filemon log for
> “ACCESS DENIED”. When you find it, look at the a few lines above. If the
> application on the a few lines above is Anti-Virus or index service
> (cisvc.exe), you know you are hitting this problem.
> If this is not your case, sorry, I don’t know why. You have to debug it
> yourself. And you should start with filemon.
> Junfeng Zhang
> This posting is provided “AS IS” with no warranties, and confers no rights.
> “Gursharan” <Gursharan@discussions.microsoft.com> wrote in message
>> My app supports en and ja cultures. The app fails on an Application Center
>> cluster and the fusion log shows 0x80070005 error (access denied). I have
>> checked permissions/ACLs on the assemblies, used tlist -m to check process
>> locks and we don’t use impersonation.
>> Any other way to find out which access is denied?