Export (0) Print
Expand All
Expand Minimize

CA2130: Security critical constants should be transparent

TypeName

ConstantsShouldBeTransparent

CheckId

CA2130

Category

Microsoft.Security

Breaking Change

Breaking

A constant field or an enumeration member is marked with the SecurityCriticalAttribute.

Transparency enforcement is not enforced for constant values because compilers inline constant values so that no lookup is required at run time. Constant fields should be security transparent so that code reviewers do not assume that transparent code cannot access the constant.

To fix a violation of this rule, remove the SecurityCritical attribute from the field or value.

Do not suppress a warning from this rule.

In the following examples, the enum value EnumWithCriticalValues.CriticalEnumValue and the constant CriticalConstant raise this warning. To fix the issues, remove the [SecurityCritical] attribute to make them security transparent.


using System;
using System.Security;

//[assembly: SecurityRules(SecurityRuleSet.Level2)]
//[assembly: AllowPartiallyTrustedCallers]

namespace TransparencyWarningsDemo
{

    public enum EnumWithCriticalValues
    {
        TransparentEnumValue,

        // CA2130 violation
        [SecurityCritical]
        CriticalEnumValue
    }

    public class ClassWithCriticalConstant
    {
        // CA2130 violation
        [SecurityCritical]
        public const int CriticalConstant = 21;
    }
}



Community Additions

ADD
Show:
© 2014 Microsoft