Export (0) Print
Expand All

Requiring Full Trust for Types Within an AllowPartiallyTrustedCallersAttribute Assembly 

When the AllowPartiallyTrustedCallersAttribute is placed on an assembly, the implicit LinkDemand requiring all callers to be fully trusted is disabled. In some situations, you might want certain members or classes in an assembly to be callable by partially trusted code, but want other members or classes in the same assembly be protected from partially trusted code. The following steps allow you to provide access to certain members or classes from partially trusted code, while still denying access to other members and classes from partially trusted code:

  1. Sign your code with a strong name.

  2. Apply the AllowPartiallyTrustedCallersAttribute attribute to your assembly so that partially trusted callers can use it.

  3. Apply a demand for full trust to the specific member or class within the assembly from step 2 that you want protected from partially trusted callers.

The following are demands that can be placed on your code in order to limit access by partially trusted code:

  • To cause a LinkDemand for full trust, apply the following to a class or member.

    <PermissionSetAttribute(SecurityAction.LinkDemand, Name:="FullTrust")>
    
    

    [PermissionSetAttribute(SecurityAction.LinkDemand, Name="FullTrust")]
    
  • To cause a link demand requiring that callers have the ability to call unmanaged code, apply the following to a class or member.

    <SecurityPermissionAttribute(SecurityAction.LinkDemand, UnmanagedCode:=True)>
    
    

    [SecurityPermissionAttribute(SecurityAction.LinkDemand, UnmanagedCode=true)]
    
  • To cause an inheritance demand for full trust, apply the following to a class or member.

    <PermissionSet(SecurityAction.InheritanceDemand, Name:="FullTrust")>
    
    

    [PermissionSet(SecurityAction.InheritanceDemand, Name="FullTrust")]
    

See Also

Community Additions

ADD
Show:
© 2014 Microsoft