Restrictions on Libraries That Can Be Called
As mentioned in Chapter 25, there is an attribute in the System.Security namespace named AllowPartiallyTrustedCallersAttribute. For the sake of brevity, this attribute will be called APTCA throughout this chapter. The motivation behind APTCA is to limit the vectors of attack for malicious, semi-trusted code. Any managed code library with a strong name cannot be used by semi-trusted code unless that library is marked with APTCA.
In addition to APTCA, many managed code libraries have permission requirements that your applications will have to meet. If you are unaware that your application will need a certain permission, it is quite possible that you could hit a SecurityException while executing.
Assemblies ...
Get .NET Framework Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
