15

Recently, our .Net client libaray is upgrading to compile against Net 4.0. After change the target framework to 4.0, the application has some compilation error.

In AssemblyInfo.cs:

[assembly: SecurityPermission(SecurityAction.RequestMinimum, Execution = true)]

Error 7 Warning as Error: 'System.Security.Permissions.SecurityAction.RequestMinimum' is obsolete: '"Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information."' `

In .Net 4.0, it shows that: SecurityAction.RequestMinimum as obsolete, and we treat all warning as error.

What I should do with it? - Just remove it(will this has some unexpected impact? for example when the dlls are used in IIS) or change to some other value? I am not familiar with .Net, especially its security mechanism.

Anyone can help on this? Thanks for any advice and comment :)

ΩmegaMan
  • 22,885
  • 8
  • 76
  • 94
jeffery.yuan
  • 975
  • 1
  • 13
  • 24

2 Answers2

19

From MSDN:

In the .NET Framework version 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. These requests should not be used in code that is based on .NET Framework 4 or later.

So, just remove it.

Centro
  • 3,502
  • 1
  • 21
  • 29
  • Sorry for the late reply. Thanks, Centro, as you said, I just remove the tag, and it works : ) – jeffery.yuan Oct 12 '12 at 20:24
  • 1
    Just wanted to let you know that if you rely on VS2013 resgen autogenerated class file, you cannot avoid this warning unless you post-process the file manually/automatically. – galmok Apr 17 '14 at 10:07
  • 2
    is it ok to just remove the hole: `[assembly: SecurityPermission(SecurityAction.RequestMinimum, Execution = true)]` ?? – DanielV Jul 15 '15 at 09:13
  • I'm not sure about fixing some security holes by this if it is what you mean. For more deep information why it was removed just look into [this post](http://stackoverflow.com/questions/8269045/how-does-one-fix-the-system-security-permissions-securityaction-requestminimum) – Centro Jul 23 '15 at 08:47
  • @Centro Is that strictly speaking true? The warning message generated by Visual Studio says it is disabled *by default*. Also see https://docs.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/runtime/netfx40-legacysecuritypolicy-element and https://msdn.microsoft.com/en-us/library/ee191568(VS.100).aspx#migration – Shiv Feb 08 '18 at 06:26
4

Some searching led me here for a similar VB.net rdlc error (so yes, I know the question was tagged C#). I did not utilize the offending code, but I did find that a stray underscore caused this error, for example: in a textbox expression you might accidentally put:

"This is a " & _
"test"

thinking you are in some code behind, but alas this generates this same error as listed above and once removed, the error was gone.

SkeletonJelly
  • 201
  • 2
  • 5