Modifying Proxies for Partially Trusted Add-Ins
If you want the host application to load partially trusted add-ins, it is recommended that you sign the proxy assembly with a strong name to help make the proxies more secure. If you sign the proxy assembly with a strong name, you must enable partially trusted code to call into the proxy assembly.
For more information about security considerations with proxies, see Creating Proxies.
Enabling Partially Trusted Code to Call Into the Proxy Assembly
To enable partially trusted callers, apply the AllowPartiallyTrustedCallersAttribute attribute to the proxy assembly and to the add-in assembly. If you sign the proxy assembly with a strong name but do not apply this attribute, the proxies can be called only by assemblies that are granted full trust. For more information about this attribute, see Using Libraries from Partially Trusted Code.
This attribute can be applied only at the assembly level, as shown in the following example.
[assembly: System.Security.AllowPartiallyTrustedCallers()]
Applying the Attribute to the Proxy Assembly
To apply this attribute to the proxy assembly, add the attribute to the top of the proxy code file that is generated by ProxyGen.exe, before or after the HostAssemblyAttribute attribute.
This is different from the usual way of modifying proxies. Usually you make changes in the proxy descriptor file, and those changes are generated in the code file. However, the proxy descriptor file does not support assembly-level attributes, so you must add this attribute directly to the proxy code file.
Applying the Attribute to the Add-in Assembly
To apply this attribute to the add-in assembly, add the attribute to the AssemblyInfo.vb or AssemblyInfo.cs code file that is generated when you create a project template. For more information, see Creating Project Templates (Visual Studio Tools for Applications).
.gif "Security note") Security Note: |
|---|
If you add an assembly that has the AllowPartiallyTrustedCallersAttribute to the global assembly cache, the assembly is exposed to all partially trusted code that is running on the computer. You must thoroughly review and test an assembly for security vulnerabilities before applying the AllowPartiallyTrustedCallersAttribute and adding the assembly to the global assembly cache. For more information, see Secure Coding Guidelines. |
See Also
Tasks
Walkthrough: Creating a Proxy Assembly
Concepts
Architecture of Generated Proxy Code
Using Libraries from Partially Trusted Code
Reference
Proxy Generation Tool (ProxyGen.exe)