Non-support of PrincipalPermissionAttribute #31279
Comments
|
The methods for creating partial trust context throw or do not exist at all in .NET Core. For example, If your ported program depends on partial trust permissions, you will get an error much earlier, long before these permission attributes would come into play. |
|
This isn't about partial trust. The following is perfectly valid permission enforcement in a .NET Framework business class. It compiles just fine in .NET Core but fails the essential task of controlling access: |
|
@jkotas This makes me think we should obsolete some types (like |
|
Quite possibly all of the CAS-related attributes, now that I think more on it. If you manually new up a permission object and call |
|
I fully support marking all CAS-related APIs as obsolete, once we get the more fine grained controls for obsolete warnings in place. |
|
Related: #1698 (comment), which ponders the consequences of a "fail open" policy where developers don't expect it. |
maryamariyan
added
the
untriaged
ghost
locked as resolved and limited conversation to collaborators
As best I can determine from my own test code (against 3.0.0) and as mentioned in #17693, PrincipalPermissionAttribute exists as a type but has no effect. MSDN also states "This attribute has no effect in .NET Core."
This seems dangerous, as a user porting existing code might expect that, if the attribute compiles, that it also functions. Since the purpose of this attribute is security, the consequences of a false assumption could be significant.
Is it a well-considered opinion that the attribute should exist yet be non-functional (not even a compiler warning...) or is this a decision warranting review?
The text was updated successfully, but these errors were encountered: