.NET 2.0 Security Guidelines - Assembly Design Guidelines

From Guidance Share


- J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Chaitanya Bijwe


Identify your target trust environment

If you develop partial trust code, you should identify the permissions that will be available to your code, and you should understand which APIs require additional permissions. This is important because partial trust code is unable to access all methods and resources that code running with full trust can access. Typical partial trust scenarios include:

  • An ASP.NET application that runs with medium trust. Examine the Web_MediumTrust.config file in the %windir%\Microsoft.NET\Framework\{version}\CONFIG directory to see the permissions granted to your code.
  • An application downloaded from the Internet. Use the Microsoft .NET Framework Configuration tool or Caspol.exe to see the permissions granted to code running in the Internet zone.
  • An application that runs from a file share. Use the Microsoft .NET Framework Configuration tool or Caspol.exe to see the permissions granted to code running in the intranet zone.


Explicitly Design Your Public Interface

Think carefully about the types and members that form part of your assembly's public interface. Design that interface at the beginning of your project and keep it minimal and well designed. Use friend assemblies to give specific named assemblies access to internal and protected members rather than making those members public. This is important because it limits your assembly's attack surface by minimizing the number of entry points.
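As an added illustration of both guidelines (example code, not from the original page): one assembly that exposes a single public entry point, opens its internals only to a named friend assembly, and checks its own grant set for the permission it needs before touching the file system. The assembly, namespace and type names are hypothetical; for a strong-named friend, the `InternalsVisibleTo` string must also carry `PublicKey=...`.

```csharp
using System;
using System.IO;
using System.Runtime.CompilerServices;
using System.Security;
using System.Security.Permissions;

// Hypothetical friend assembly: only this assembly (typically the unit tests)
// can see the internal types below; every other caller sees just OrderService.
[assembly: InternalsVisibleTo("Contoso.Orders.Tests")]

namespace Contoso.Orders
{
    // The single type that forms this assembly's public interface.
    public sealed class OrderService
    {
        public string Export(string path)
        {
            // Probe the grant set first so partial-trust callers get a clear
            // failure instead of a SecurityException deep inside File.ReadAllText.
            if (!TrustProbe.CanReadFile(path))
                throw new InvalidOperationException(
                    "This code was not granted FileIOPermission(Read) for " + path);

            return OrderFormatter.Format(File.ReadAllText(path));
        }
    }

    // Internal: reachable from the friend assembly for testing, not an entry
    // point for anyone else.
    internal static class OrderFormatter
    {
        internal static string Format(string raw)
        {
            return raw.Trim().ToUpperInvariant();
        }
    }

    internal static class TrustProbe
    {
        // SecurityManager.IsGranted (available in .NET 2.0) reports whether the
        // calling assembly's grant set includes the given permission. Under full
        // trust this is always true; under medium trust it depends on the path.
        internal static bool CanReadFile(string path)
        {
            string fullPath = Path.GetFullPath(path);
            FileIOPermission perm =
                new FileIOPermission(FileIOPermissionAccess.Read, fullPath);
            return SecurityManager.IsGranted(perm);
        }
    }
}
```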
