I've got some code which pinvokes native win32. Since I upgraded to .NET 4, the code started throwing a MethodAccessException saying:
Attempt by security transparent method 'Tek.Audio.Midi.MidiDevice.GetDevices()' to call native code through method 'Tek.Native.Windows.Multimedia.midiInGetNumDevs()' failed. Methods must be security critical or security safe-critical to call native code.
Here's what's going on:
Program.Main
method calls library1 public static Tek.Audio.Midi.MidiDevice.GetDevices()
GetDevices()
calls library2's public static pinvoke Tek.Native.Windows.Multimedia.midiInGetNumDevs()
(yeah, bad practice, whatever)The only security-related attributes on classes, methods and assemblies involved are AllowPartiallyTrustedCallers on library1, and I don't even know why.
It shames me to admit that I'm quite ignorant about security in .NET. What should I do to prevent this exception? And while I'm here, any good articles to get me started on .NET security?
You have choices. The easiest thing to do would be to "opt-out" of the new security model.
<configuration>
<runtime>
<NetFx40_LegacySecurityPolicy enabled="true" />
</runtime>
</configuration>
OR (bearing in mind I am no .Net 4 security expert)
You could mark your method:
[SecuritySafeCritical]
since you can use that with code designed for partially trusted callers.
Sadly I don't have a good article I can send you, I have had to figure this out like you have, by fixing my broken code. :)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With