views:

40

answers:

2

If I understand correctly, SecurityAction.RequestMinimum has been made obsolete for .NET Framework 4.0 here. Now, when I create a C++/CLR project that targets .NET Framework 4.0, this line gets added automatically in the auto-generated AssemblyInfo.cpp:

[assembly:SecurityPermission(SecurityAction::RequestMinimum, UnmanagedCode = true)];

This project compiles perfectly and all, but should I write the C# equivalent in a C# .NETFX 4.0 project, it won't compile. Do you know where can I find information about this?

A: 

I suspect this is because the IDE makes a 'best guess' that C++/CLI code will often need to call through to native C++ code.

I changed this setting on a (very small) C++/CLI VS2010 Express project to 'false', and my all-managed app still runs OK.

Steve Townsend
+1  A: 

This isn't new, the same attribute was added in previous versions of Visual Studio. They just didn't change the item template. It is a CAS attribute that basically says "I need at least the minimum permissions to run unmanaged code".

Which is appropriate, that permission is always needed for a C++/CLI app. Even if you write pure code, unmanaged code permission is still required to initialize the CRT. The permission is only relevant in sandboxing scenarios where code doesn't run with full trust, like inside a web browser or a secure plug-in setup. CAS has indeed been deprecated but it wasn't removed. Not quite sure what happens in .NET 4.0 these days. Which was kind of the point with CAS getting obsoleted, it was ineffective because it was so hard to understand by an average Joe like me.

Shawn Farkas' blog is the best source for info about this. He's the .NET security guru at Microsoft.

The C# version of it is much the same:

using System.Security.Permissions;
...
[assembly: SecurityPermission(SecurityAction.RequestMinimum, UnmanagedCode = true)]

Not sure why you would need it, the C++/CLI assembly requesting it is enough.

Hans Passant