I'm currently on a project where we are creating an MVC site. The site needs to use code access security, due to the fact that third-party DLLs need to be plugged in to provide custom functionality. Now we don't want these assemblies to have full trust, and are therefore utilizing the new security model in .NET 4.0.
Because of these requirements, we are strong naming all of our own assemblies and installing them in the GAC. Some of these assemblies are SecurityTransparent mixed with SecuritySafeCritical and SecurityCritical types and members.
The SecurityTransparent and SecurityCritical assemblies, types and members can be used by the third-party assembly developers just as we are intending.
I now have this problem with the Global.asax file, which inherits from a class residing in an assembly marked with the AllowPartiallyTrustedCallers attribute.
This class in turn inherits from HttpApplication.
In my web.config the trust level is currently set to High.
I'm getting the following error:
Inheritance security rules violated by type: 'ASP.global_asax'. Derived types must either match the security accessibility of the base type or be less accessible
I guess that's because of the inheritance rules when using the security model, and that the HttpApplication class must have a stricter rule than SecurityTransparent.
I tried marking my custom class with the SecuritySafeCritical attribute, but with no luck.
I hope some of you have a solution to this problem.
If you are trying to secure the access to the HttpApplication subtype, I would recommend abstracting it to a custom interface that you know is secure and allowing the third-party developers access to that instead of trying to bootstrap security on to existing .NET types.
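One way the interface abstraction recommended in this answer could look, as an added example that is not code from the question or the answer. The namespace, `ISiteApplication` and `SiteApplicationFacade` are hypothetical names, and the three members exposed are an assumed set of operations a plug-in might need.

```csharp
using System;
using System.Security;
using System.Web;

// Host assembly: strong-named, in the GAC, callable from partial trust.
[assembly: AllowPartiallyTrustedCallers]

namespace Example.Hosting // hypothetical namespace
{
    // Contract handed to third-party plug-ins. Its signatures contain no
    // System.Web types, so plug-ins never derive from or hold HttpApplication.
    public interface ISiteApplication
    {
        string RequestPath { get; }
        string UserName { get; }
        event EventHandler RequestStarted;
    }

    // Wrapper owned by the host. Create it from the application's Init(),
    // because HttpApplication events can only be wired up at that point.
    internal sealed class SiteApplicationFacade : ISiteApplication
    {
        private readonly HttpApplication _app;

        public event EventHandler RequestStarted;

        internal SiteApplicationFacade(HttpApplication app)
        {
            if (app == null) throw new ArgumentNullException("app");
            _app = app;
            _app.BeginRequest += OnBeginRequest;
        }

        public string RequestPath { get { return _app.Context.Request.Path; } }

        public string UserName
        {
            get
            {
                var user = _app.Context.User;
                return user != null ? user.Identity.Name : string.Empty;
            }
        }

        private void OnBeginRequest(object sender, EventArgs e)
        {
            var handler = RequestStarted;
            // Pass the facade as sender so the HttpApplication is not leaked.
            if (handler != null) handler(this, EventArgs.Empty);
        }
    }
}
```

Plug-ins compile against the interface only; the host decides which facade members exist, so widening what partially trusted code can reach is an explicit change to the contract.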