CA2119: Seal methods that satisfy private interfaces
An inheritable public type provides an overridable method implementation of an internal (Friend in Visual Basic) interface.
Interface methods have public accessibility, which cannot be changed by the implementing type. An internal interface creates a contract that is not intended to be implemented outside the assembly that defines the interface. A public type that implements a method of an internal interface using the virtual (Overridable in Visual Basic) modifier allows the method to be overridden by a derived type that is outside the assembly. If a second type in the defining assembly calls the method and expects an internal-only contract, behavior might be compromised when, instead, the overridden method in the outside assembly is executed. This creates a security vulnerability.
To fix a violation of this rule, prevent the method from being overridden outside the assembly by using one of the following:
Make the declaring type sealed (NotInheritable in Visual Basic).
Change the accessibility of the declaring type to internal (Friend in Visual Basic).
Remove all public constructors from the declaring type.
Implement the method without using the virtual modifier.
Implement the method explicitly.
It is safe to suppress a warning from this rule if, after careful review, no security issues exist that might be exploitable if the method is overridden outside the assembly.
The following example shows a type, BaseImplementation, that violates this rule.
```vb
Imports System

Namespace SecurityLibrary
    ' Friend (internal) interface: the contract is meant to stay inside this assembly.
    Interface IValidate
        Function UserIsValidated() As Boolean
    End Interface

    Public Class BaseImplementation
        Implements IValidate

        ' Violation: the public, inheritable type implements the Friend interface's
        ' method as Overridable, so a derived type in another assembly can override it.
        Overridable Function UserIsValidated() As Boolean _
            Implements IValidate.UserIsValidated
            Return False
        End Function
    End Class

    Public Class UseBaseImplementation
        ' This caller assumes the internal-only contract, but the virtual call may
        ' dispatch to an override defined outside the assembly.
        Sub SecurityDecision(someImplementation As BaseImplementation)
            If someImplementation.UserIsValidated() = True Then
                Console.WriteLine("Account number & balance.")
            Else
                Console.WriteLine("Please login.")
            End If
        End Sub
    End Class
End Namespace
```
The following example exploits the virtual method implementation of the previous example.
```vb
Imports System

Namespace SecurityLibrary
    Public Class BaseImplementation
        ' Still Overridable on a public, inheritable type: a derived type in another
        ' assembly can substitute its own result for this method.
        Overridable Function UserIsValidated() As Boolean
            Return False
        End Function
    End Class

    Public Class UseBaseImplementation
        Sub SecurityDecision(someImplementation As BaseImplementation)
            If someImplementation.UserIsValidated() = True Then
                Console.WriteLine("Account number & balance.")
            Else
                Console.WriteLine("Please login.")
            End If
        End Sub
    End Class
End Namespace
```
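Two of the fix options listed above (explicit implementation, and sealing the declaring type) applied to the BaseImplementation example, as an added illustration rather than code from the original article; the names ExplicitImplementation, SealedImplementation and UseImplementation are chosen here.

```vb
Imports System

Namespace SecurityLibrary
    ' Friend interface: the contract is not meant to be implemented outside this assembly.
    Friend Interface IValidate
        Function UserIsValidated() As Boolean
    End Interface

    ' Fix 1: implement the method explicitly (Private in Visual Basic). The member is
    ' reachable only through IValidate, which is itself Friend, so nothing outside the
    ' assembly can override it, and the CA2119 warning no longer applies.
    Public Class ExplicitImplementation
        Implements IValidate

        Private Function UserIsValidated() As Boolean Implements IValidate.UserIsValidated
            Return False
        End Function
    End Class

    ' Fix 2: seal the declaring type. A NotInheritable class cannot declare Overridable
    ' members (the compiler rejects it), so the method is declared without the modifier
    ' and no derived type can exist to override it.
    Public NotInheritable Class SealedImplementation
        Implements IValidate

        Public Function UserIsValidated() As Boolean Implements IValidate.UserIsValidated
            Return False
        End Function
    End Class

    Public Class UseImplementation
        ' The caller accepts the Friend interface rather than a concrete class, so the
        ' decision is made against the internal contract. The Sub must be Friend as well,
        ' because a Public member cannot expose a Friend type in its signature.
        Friend Sub SecurityDecision(someImplementation As IValidate)
            If someImplementation.UserIsValidated() Then
                Console.WriteLine("Account number & balance.")
            Else
                Console.WriteLine("Please login.")
            End If
        End Sub
    End Class
End Namespace
```

With either fix, a class in another assembly that inherits from the implementation has no Overridable UserIsValidated to override, so the result SecurityDecision sees is always the one defined in this assembly.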