Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Security transparent assemblies should not contain security critical code

Security transparent assemblies should not contain security critical code

TypeName

SecurityTransparentAssembliesShouldNotContainSecurityCriticalCode

CheckId

CA2127

Category

Microsoft.Security

Breaking Change

Breaking

Critical code cannot occur in a 100% transparent assembly.

This rule analyzes 100% transparent assemblies for any SecurityCritical annotations at the type, field, and method level. This rule is helpful because it flags code that exists in a 100% transparent assembly. Code in a 100% transparent assembly triggers either a security exception or unexpected behavior at run time.

The .NET Framework 2.0 introduced a feature named transparency. Individual methods, fields, interfaces, classes, and types can be either transparent or critical.

Transparent code is not allowed to elevate security privileges. Therefore, any permissions that are granted or demanded of it are automatically passed through the code to the caller or host AppDomain. Examples of 'elevations' include Asserts, LinkDemands, SuppressUnmanagedCode, and 'unsafe' code.

An assembly can be either 100% transparent, 100% critical, or mixed transparent/critical.

To mark an assembly as 100% transparent, add the assembly-level attribute:

 [assembly:System.Security.SecurityTransparent]

To mark an assembly as 100% critical, add the assembly-level attribute:

[assembly:System.Security.SecurityCritical(System.Security.SecurityCriticalScope.Everything)]

To mark an assembly as mixed transparent/critical, add the assembly-level attribute:

 [assembly:System.Security.SecurityCritical]

Transparent code cannot occur in a 100% critical assembly, and critical code cannot occur in a 100% transparent assembly.

To resolve the issue, either mark the assembly as mixed transparent/critical, or remove the SecurityCritical attribute from the flagged code.

Do not suppress a message from this rule.

Community Additions

ADD
Show:
© 2015 Microsoft