|Important||This document may not represent best practices for current development, links to downloads and other resources may no longer be valid. Current recommended version can be found here.|
Using Secure Class Libraries
A secure library is a class library that uses security demands to ensure that the library's callers have permission to access the resources that the library exposes. For example, a secure class library might have a method for creating files that would demand that its callers have permissions to create files. The .NET Framework comprises secure class libraries.
If your code requests and is granted the permissions required by the class library, it will be allowed to access the library and the resource will be protected from unauthorized access; if your code does not have the appropriate permissions, it will not be allowed to access the class library, and malicious code will not be able to use your code to indirectly access the resource. Even if your code has permission to access a library, it will not be allowed to run if code that calls your code does not also have permission to access the library.
Code access security does not eliminate the possibility of human error in writing code; however, if applications use secure class libraries to access protected resources, the security risk for application code is decreased because class libraries are closely scrutinized for potential security problems.