What situation does this request make simpler?

ASP.NET code running at less than full trust (e.g. medium trust) cannot call into
a strong-named assembly unless it has the AllowPartiallyTrustedCallers
attribute. Partially trusted code (anything less than full trust) that calls a
signed, strongly named assembly that doesn't have the attribute will receive
the error "That assembly does not allow partially trusted callers."

Can you provide a straw-man example of what you'd want the API to look
like?

No changes to the API, but the implication is that any code in NodaTime that
might pose a security risk would have to make its own, explicit security
demands. I'm not real proficient in the Code Access Security stuff but this is
what I gather from reading. From what I gather, if for example, NodaTime had a
utility class that accessed the registry to update timezone data, you would not
want partially trusted code to do that, so you would want to explicitly demand
a higher security level for that portion of code to execute, either by placing
a security attribute on specific methods or by calling Assert on a permission
object in code. The first method is covered a lot. The only thing I've found on
the latter method is this article: http://support.microsoft.com/kb/839300.

The remarks in the docs for AllowPartiallyTrustedCallersAttribute are a good
place to start:
http://msdn.microsoft.com/en-us/library/system.security.allowpartiallytrustedcallersattribute%28v=vs.110%29.aspx

One of its links is to "Using Libraries from Partially Trusted Code"
(http://msdn.microsoft.com/en-us/library/8skskf63%28v=vs.110%29.aspx) which has
a subtopic "Requiring Full Trust for Types Within an APTCA Assembly" which
discusses using attributes on methods to raise the security level.

There's also a change in .NET 4 that is mentioned in many articles and there is
a question/response on Stack Overflow that laid some of that out
(http://stackoverflow.com/questions/5055632/net-4-allowpartiallytrustedcallers-attribute-and-security-markings-like-secur)

This issue also came up with the reCAPTCHA .NET library I was using
(http://code.google.com/p/recaptcha/issues/detail?id=100). They've implemented
the attribute in the code but I don't think they've made another release
containing it. You might try contacting the programmers on that project.

Original issue reported on code.google.com by
paulbole...@hotmail.com on 29 Jan 2014 at 3:28
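
The pattern discussed in the issue above, as an added example that is not part of the original report or of NodaTime's code: a strong-named .NET Framework assembly opts in with AllowPartiallyTrustedCallers and then makes explicit demands on its one sensitive code path, once declaratively and once imperatively. The namespace, class names, registry key and value name are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using Microsoft.Win32;

// Opt this strong-named assembly in to calls from partially trusted code
// (for example ASP.NET medium trust). Assumes .NET Framework, where CAS applies.
[assembly: AllowPartiallyTrustedCallers]

namespace ExampleLibrary // hypothetical
{
    // Ordinary API surface: touches no protected resource, so it needs no
    // demand and stays callable from medium trust once APTCA is applied.
    public static class Durations
    {
        public static TimeSpan FromHours(int hours)
        {
            return TimeSpan.FromHours(hours);
        }
    }

    // Hypothetical utility that keeps a data version in the registry.
    public static class TimeZoneRegistryStore
    {
        private const string KeyPath = @"HKEY_CURRENT_USER\Software\ExampleLibrary";

        // Declarative form: every caller on the stack must be fully trusted,
        // so a medium-trust web application gets a SecurityException here.
        [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
        public static void WriteVersion(string version)
        {
            Registry.SetValue(KeyPath, "DataVersion", version);
        }

        // Imperative form: demand only the specific permission the method
        // needs, before doing any work. The registry API repeats this demand
        // itself; stating it up front documents the requirement and fails early.
        public static string ReadVersion()
        {
            new RegistryPermission(RegistryPermissionAccess.Read, KeyPath).Demand();
            return (string)Registry.GetValue(KeyPath, "DataVersion", null);
        }
    }
}
```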