Hi Joe,
Thanks for the reply. I've been reading about this APTCA issue and it
appears that this is a fairly recent change Microsoft has made regarding
security, starting with the .Net Framework 4. In the March 2010 issue of
MSDN Magazine there was an article by Mike Rousos titled "Migrating an
APTCA Assembly to the .NET Framework 4" which looks like it does a real
nice job of explaining the history of the APTCA attribute, what the
change means in .Net 4, and how to modify an assembly.
Here's a link to the article:
http://msdn.microsoft.com/en-us/magazine/ee336023.aspx
The MSDN article does mention a tool called SecAnnotate.exe as follows:
To help with the correct application of transparency attributes, there
is a new .NET Framework SDK tool, the Security Annotator
(SecAnnotate.exe). This tool consumes a user’s binary (or collection of
binaries) and provides guidance on where transparency attributes should
be applied. It can be very helpful when migrating an APTCA library to v4.
My initial impression ( and I'm still trying to understand this, so take
these comments with this in mind ) is that the assembly attribute should
be updated to reflect this security change. Whether the attribute is
removed or is changed to one of the attributes in the article looks like
it depends on what the underlying code in the assembly does - security
wise. For example, the attribute may be able to be changed to
SecurityTransparent - however there are certain code operations that
cannot be marked as SecurityTransparent - the article lists these. I'm
not familiar with the code at this point to know one way or the other ...
Mike
On 5/16/2013 5:01 PM, Joe Mistachkin wrote:
DevTeam wrote:
Next I downloaded and ran the binscope.exe utility against just the
System.Data.Sqlite.dll file to isolate the test to just this file and
received the same result - Failed checks - the assembly has
AllowPartiallyTrustedCallersAttribute (APTCA).
The use of this attribute by System.Data.SQLite appears to date back to
at least version 1.0.32.0, released in 2006.
I'm not aware of the original intent when this attribute was added.
Furthermore, this is the first time I've even heard it mentioned.
I would like to be able to better understand and eliminate this
warning/failure if possible, but not sure how best to proceed. Any
assistance or advice would be greatly appreciated. Thanks in advance.
The warning deals with assemblies that are not "fully trusted" being able
to use System.Data.SQLite.
In theory, this could pose a problem: If you actually intend to use
partially trusted assemblies -OR- if you intend to install the
System.Data.SQLite assemblies into a shared location on the machine,
such as the GAC.
Perhaps the attribute should be removed from System.Data.SQLite? I'm not
sure.
--
Joe Mistachkin
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
