Skip to content

Gendarme.Rules.Security.Cas.DoNotExposeFieldsInSecuredTypeRule(git)

Sebastien Pouliot edited this page Mar 2, 2011 · 1 revision

DoNotExposeFieldsInSecuredTypeRule

Assembly: Gendarme.Rules.Security.Cas
Version: git

Description

The rule checks for types that are secured by Demand or LinkDemand but also expose visible fields. Access to these fields is not covered by the declarative demands, opening potential security holes.

Examples

Bad example:

[SecurityPermission (SecurityAction.LinkDemand, ControlThread = true)]
public class Bad {
}

Good example (InheritanceDemand):

[SecurityPermission (SecurityAction.LinkDemand, ControlThread = true)]
[SecurityPermission (SecurityAction.InheritanceDemand, ControlThread = true)]
public class Correct {
}

Good example (sealed):

[SecurityPermission (SecurityAction.LinkDemand, ControlThread = true)]
public sealed class Correct {
}

Notes

  • Before Gendarme 2.2 this rule was part of Gendarme.Rules.Security and named TypeExposeFieldsRule.

Source code

You can browse the latest source code of this rule on github.com

Clone this wiki locally