We have used the RAD Menu Control, Tree View Control and Calendar Control in our Site which is created in MOSS 2007. This site has read access granted to the "NT Authority\ Authenticated Users" so any one authenticated within our Windows environment will be able to access it.
As we cannot place the DLL within the GAC due to security policies and also since it is not the good practice, we place them in the Bin folder of the Web Application that hosts our site.
As Sharepoint by default only allows the Minimal Trust, we use a Sharepoint Solution to deploy the DLL in the Bin folder and create the Custom Trust file to grant access to these DLLs.
Even after creating the Sharepoint Solution to add the DLL to the Bin folder and provide the custom access policy. The Users see a 403 Forbidden access error.
But the error is not consistent. If the administrators or a person with higher access to the site happens to access the same page containing the RAD control they are able to access it and subsequently all other users are also able to access the page.
But if we reset the IIS the problem re-occurs again until the pages are access by the Administrators.
For your information the code security permission in the solution is specified as follows:
1) For the IPermission class="AspNetHostingPermission" we have Level="Minimal"
2) IPermission class="System.Security.Permissions.FileIOPermission, mscorlib" we have Unrestricted="True"
3)IPermission class="System.Security.Permissions.SecurityPermission, mscorlib " we have Flags="UnmanagedCode, ControlThread, ControlPrincipal"
4) IPermission class="SecurityPermission" we have Flags="AllFlags"
5) IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security," we have ObjectModel="True"
Hope you can understand the scenario. Kindly post back if you have any solution for this issue.