How to inherit from DataAnnotations.ValidationAttribute (it appears SecurityCritical in Visual Studio debugging environment in .NET 4!)

I have a class library [AllowPartiallyTrustedCallers] containing subtypes of System.DataAnnotations.ValidationAttribute. The library is used for WCF service contract types.

In .NET 2 / 3.5, this worked fine. Since .NET 4.0, however, starting the service client in the Visual Studio debugger throws the exception "Inheritance Security Rules Violated by Type: (my subtype of ValidationAttribute). Derived types must either match the security of the underlying type or be less accessible." (System.TypeLoadException)

An error appears only when all of the following conditions are true:

  • The ValidationAttribute subclass is in an AllowPartiallyTrustedCallers assembly
  • Reflection is used to check for the attribute
  • The Visual Studio hosting process is enabled (Project Properties check box, Debug tab)

So, in Visual Studio .NET 2010:

  • create a new console project,
  • add a reference to "System.ComponentModel.DataAnnotations" 4.0.0.0,
  • write the following code:

    using System;

    // The assembly is fully APTCA, so its types are security transparent by default.
    [assembly: System.Security.AllowPartiallyTrustedCallers()]

    namespace TestingVaidationAttributeSecurity
    {
        public class MyValidationAttribute : System.ComponentModel.DataAnnotations.ValidationAttribute
        {
        }

        [MyValidation]
        public class FooBar
        {
        }

        class Program
        {
            static void Main(string[] args)
            {
                // Prints how the CLR classifies the base type in the current host.
                Console.WriteLine("ValidationAttribute IsCritical: {0}",
                    typeof(System.ComponentModel.DataAnnotations.ValidationAttribute).IsSecurityCritical);

                // Reading the attributes through reflection loads MyValidationAttribute.
                FooBar fb = new FooBar();
                fb.GetType().GetCustomAttributes(true);

                Console.WriteLine("Press enter to end.");
                Console.ReadLine();
            }
        }
    }

  • Press F5 and you will get an exception!

Press Ctrl-F5 (start without debugging) and all this works fine without exception ...

The strange thing is that ValidationAttribute will or will not be critical depending on how you run the program (F5 or Ctrl+F5), as shown by the Console.WriteLine in the above code. But then again, it looks like the same applies to other attributes (and types?) too.

Now questions ...

Why do I have this behavior when inheriting from ValidationAttribute, but not when inheriting from System.Attribute? (Using Reflector I don't see any special settings for the ValidationAttribute class or assembly)

And what can I do to solve this? How can I keep MyValidationAttribute inheriting from ValidationAttribute in the AllowPartiallyTrustedCallers assembly without marking it SecurityCritical, still using the new .NET 4 level 2 security model and still working with the VS.NET debug host (or other hosts)?

Thank you so much! Rudi

+7
security code-access-security
2 answers

Why do I have this behavior when inheriting from ValidationAttribute, but not when inheriting from System.Attribute? (Using Reflector I don't see any special settings for the ValidationAttribute class or assembly)

This is because the assembly System.ComponentModel.DataAnnotations is conditionally APTCA, that is, it is marked with the following attribute.

    [assembly: AllowPartiallyTrustedCallers(PartialTrustVisibility = PartialTrustVisibilityLevel.NotVisibleByDefault)]

Something about how Visual Studio starts the host process means the CLR does not apply the APTCA on this assembly, even if the default AppDomain is fully trusted. This means that all types and methods in the DataAnnotations assembly are SecurityCritical. Because a security-transparent type (MyValidationAttribute) cannot inherit from a security-critical type (ValidationAttribute), this exception is thrown.

And what can I do to solve this? How can I keep MyValidationAttribute inheriting from ValidationAttribute in the AllowPartiallyTrustedCallers assembly without marking it SecurityCritical, still using the new .NET 4 level 2 security model and still working with the VS.NET debug host (or other hosts)?

This seems to be a bug with the VS host, which is unfortunate for your situation. On the other hand, you really have to be sure that you want your assembly to be APTCA. If so, you have several options.

  • You can leave your assembly as is. This is beneficial because in the most typical partial-trust environment, ASP.NET, the DataAnnotations assembly will always be considered APTCA. Of course, you lose the ability to use the debugger in the VS hosting process.
  • You can mark your assembly C-APTCA. You can use the debugger in the VS hosting process, but consumers of your assembly in ASP.NET will need to add your assembly to the <partialTrustVisibleAssemblies> element in the web.config file so that it is APTCA.
  • You can make your attribute SecurityCritical, so you can use the debugger and you will not need any special configuration in ASP.NET, but all classes that use your attribute must also be critical.
+3
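
A diagnostic for the situation described in the answer above, as an added example that is not part of the original question or answer: it prints how the CLR classifies ValidationAttribute in the current host and which APTCA marking its assembly declares. The class name TransparencyReport is hypothetical, and the program assumes .NET Framework 4.x with a reference to System.ComponentModel.DataAnnotations.

```csharp
// Added diagnostic, not code from the original question or answer.
// Assumes .NET Framework 4.x and a reference to System.ComponentModel.DataAnnotations.
using System;
using System.ComponentModel.DataAnnotations;
using System.Reflection;
using System.Security;

static class TransparencyReport   // hypothetical name
{
    // Level 2 transparency of a type as the CLR sees it in this host.
    static string Level(Type t)
    {
        if (t.IsSecurityTransparent) return "Transparent";
        return t.IsSecuritySafeCritical ? "SafeCritical" : "Critical";
    }

    // Describes the APTCA marking declared on an assembly, if any.
    static string Aptca(Assembly a)
    {
        object[] attrs = a.GetCustomAttributes(
            typeof(AllowPartiallyTrustedCallersAttribute), false);
        if (attrs.Length == 0) return "none";
        var aptca = (AllowPartiallyTrustedCallersAttribute)attrs[0];
        return aptca.PartialTrustVisibility == PartialTrustVisibilityLevel.NotVisibleByDefault
            ? "conditional APTCA (NotVisibleByDefault)"
            : "APTCA (VisibleToAllHosts)";
    }

    static void Main()
    {
        Type baseType = typeof(ValidationAttribute);
        Assembly asm = baseType.Assembly;

        Console.WriteLine("AppDomain fully trusted : {0}", AppDomain.CurrentDomain.IsFullyTrusted);
        Console.WriteLine("AppDomain homogenous    : {0}", AppDomain.CurrentDomain.IsHomogenous);
        Console.WriteLine("Assembly                : {0}", asm.GetName().Name);
        Console.WriteLine("Declared APTCA          : {0}", Aptca(asm));
        Console.WriteLine("ValidationAttribute     : {0}", Level(baseType));

        // A transparent type may not derive from a critical base type, so a
        // subclass in an APTCA assembly loads only if the base is not critical.
        bool ok = !(baseType.IsSecurityCritical && !baseType.IsSecuritySafeCritical);
        Console.WriteLine("Transparent subclass OK : {0}", ok);
    }
}
```

Running it once with F5 and once with Ctrl-F5 shows whether the hosting process changes the classification. It defines no ValidationAttribute subclass of its own, so it does not trigger the TypeLoadException itself.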

For some reason, the site posted the text in a completely different question from the one that was on the page when I wrote - it is strange.

+1