Yesterday I crashed into a part of the .Net 4 security policy change that spent a good hour obtaining the solution.

To start the ball rolling, here’s the bug and fix card:

Building .Net 4 in release mode with .Net 2 referenced assemblies

SGEN Error: Could not load file or assembly or one of its dependencies. Operation is not supported.

1 – Add to sgen.exe.config in C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\NETFX 4.0 Tools\x64. It should look something like:


2 – You should ensure you have a sgen.exe.config looking like the above in every place you have an sgen.exe – found via a search under “C:\Program Files (x86)\Microsoft SDKs”

What’s it all about?

Building against .Net 4 means the CLR v4 security model applies. This model makes various changes and improvements to its predecessors, one such change is the approach CLR uses for referencing network assemblies.

Previously, network referenced assemblies were silently granted full trust known as sandboxing. In CLR v4 the opposite applies, essentially challenging the developer to declare whether it is safe to be loading from remote sources – thus, the need for the new line in the sgen.exe.config.

What is the XML Serializer Generator Tool (Sgen.exe)?

Before I finish this post, if you’re not aware of what the SGEN tool is:

The XML Serializer Generator creates an XML serialization assembly for types in a specified assembly in order to improve the startup performance of a XmlSerializer when it serializes or deserializes objects of the specified types.

Well, I hope that helps. Let me know if you find any challenges posed by CLR v4.