The Security-Transparent Code Level 2 rules in .NET 4 mean that any time we
implement an interface member which has the SecurityCritical or
SecuritySafeCritical attribute, we need to supply that attribute too.
Currently in some cases (I don't have details) we fail with:
> Inheritance security rules violated while overriding member:
Instant.GetObjectData(System.Runtime.Serialization.SerializationInfo,
System.Runtime.Serialization.StreamingContext)'. Security accessibility of the
overriding method must match the security accessibility of the method being
overriden.
Rather than just fix ISerializable, I'd like to add a unit test which checks
*all* members of *all* interfaces implemented by *all* types. It shouldn't be
too hard.
We might then want to consider applying this back to the 1.2 stream and doing a
new release of it - or possibly doing a new 1.3 release.
References:
http://msdn.microsoft.com/en-us/library/dd233102(v=vs.100).aspx
http://stackoverflow.com/questions/3055792
Original issue reported on code.google.com by jonathan.skeet on 10 Mar 2014 at 6:35
The text was updated successfully, but these errors were encountered:
I don't think we need to backport this to 1.2, as I *believe* it only affects
assemblies with AllowPartiallyTrustedCallersAttribute, which only occurs in the
1.3 stream anyway.
Original comment by jonsk...@google.com on 10 Mar 2014 at 9:37
Original issue reported on code.google.com by
jonathan.skeet
on 10 Mar 2014 at 6:35The text was updated successfully, but these errors were encountered: