Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Your underlying assumption that the assembly will only ever run as a fully trusted executable is faulty. There's nothing stopping someone who can get their hands on your assembly from using it as a referenced library assembly in a piece of malware. If you've altered a machine's CAS policy to grant full trust to your assembly regardless of how it's deployed, then the malware would potentially be able to use your assembly to execute operations for which it would otherwise not have had adequate permissions.</p> <p>The upshot of this is that you really ought to be doing something to prevent satisfying link demands on the behalf of calling code, regardless of your intended deployment scenario. Given that you're targeting a full trust scenario yourself, this is actually going to be pretty easy. <strike>However, the exact approach depends largely on which version of the .NET Framework you're targeting, so could you please post that detail?</strike></p> <p>For .NET 2.0, the simplest approach to addressing the issue would be to apply either SecurityTransparentAttribute or SecurityCriticalAttribute to your assembly. Both attributes will result in the code in your assembly becoming security-transparent by default, which means that it cannot do things like satisfy link demands on behalf of its callers. If there are parts of your code that need to do things that are not allowed to security-transparent code, you should use the SecurityCriticalAttribute instead of SecurityTransparentAttribute at the assembly level since this will allow you to explicitly promote types and/or members to security-criticality if they need it. (For a bit more detail, see <a href="http://blogs.msdn.com/b/shawnfa/archive/2005/08/31/when-the-opposite-of-transparent-isn-t-opaque.aspx" rel="nofollow">http://blogs.msdn.com/b/shawnfa/archive/2005/08/31/when-the-opposite-of-transparent-isn-t-opaque.aspx</a>.)</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload