Link Demand Security Issues

  • Article

The System.DirectoryServices.AccountManagement API has a threat of elevation of privilege with regards to methods that use Link Demands.

The threat is as follows:

A trusted assembly exposes those of its APIs that are accessible by partially trusted callers. These APIs themselves do not do any appropriate demand but internally perform Active Directory operations using System.DirectoryServices.AccountManagement. Thus, the link demand defined in System.DirectoryServices.AccountManagement is circumvented.

See Also

Reference

System.DirectoryServices.AccountManagement

Concepts

About System.DirectoryServices.AccountManagement

Other Resources

Link Demands

Send comments about this topic to Microsoft.

Copyright © 2008 by Microsoft Corporation. All rights reserved.