Export (0) Print
Expand All

Security Rules rule set for managed code

You should include the Microsoft Security Rules rule set to maximize the number of potential security issues that are reported.

Rule

Description

CA2100

Review SQL queries for security vulnerabilities

CA2102

Catch non-CLSCompliant exceptions in general handlers

CA2103

Review imperative security

CA2104

Do not declare read only mutable reference types

CA2105

Array fields should not be read only

CA2106

Secure asserts

CA2107

Review deny and permit only usage

CA2108

Review declarative security on value types

CA2109

Review visible event handlers

CA2111

Pointers should not be visible

CA2112

Secured types should not expose fields

CA2114

Method security should be a superset of type

CA2115

Call GC.KeepAlive when using native resources

CA2116

APTCA methods should only call APTCA methods

CA2117

APTCA types should only extend APTCA base types

CA2118

Review SuppressUnmanagedCodeSecurityAttribute usage

CA2119

Seal methods that satisfy private interfaces

CA2120

Secure serialization constructors

CA2121

Static constructors should be private

CA2122

Do not indirectly expose methods with link demands

CA2123

Override link demands should be identical to base

CA2124

Wrap vulnerable finally clauses in outer try

CA2126

Type link demands require inheritance demands

CA2130

Security critical constants should be transparent

CA2131

Security critical types may not participate in type equivalence

CA2132

Default constructors must be at least as critical as base type default constructors

CA2133

Delegates must bind to methods with consistent transparency

CA2134

Methods must keep consistent transparency when overriding base methods

CA2135

Level 2 assemblies should not contain LinkDemands

CA2136

Members should not have conflicting transparency annotations

CA2137

Transparent methods must contain only verifiable IL

CA2138

Transparent methods must not call methods with the SuppressUnmanagedCodeSecurity attribute

CA2139

Transparent methods may not use the HandleProcessCorruptingExceptions attribute

CA2140

Transparent code must not reference security critical items

CA2141

Transparent methods must not satisfy LinkDemands

CA2142

Transparent code should not be protected with LinkDemands

CA2143

Transparent methods should not use security demands

CA2144

Transparent code should not load assemblies from byte arrays

CA2145

Transparent methods should not be decorated with the SuppressUnmanagedCodeSecurityAttribute

CA2146

Types must be at least as critical as their base types and interfaces

CA2147

Transparent methods may not use security asserts

CA2149

Transparent methods must not call into native code

CA2210

Assemblies should have valid strong names

Show:
© 2014 Microsoft