logging-log4net-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nicko Cadell" <ni...@neoworks.com>
Subject RE: AllowPartiallyTrustedCallers Attribute
Date Sun, 29 Oct 2006 01:47:15 GMT
"The only time you should ever add the AllowPartiallyTrustedCallers
attribute to your assembly is after a careful security audit. Be doubly
wary if your assembly calls unmanaged code." - Keith Brown

We have not conducted an adequate audit to allow us to add the
AllowPartiallyTrustedCallers attribute.

The Nant build script generates a strong name for all release builds
(where strong naming is supported by the platform)


> -----Original Message-----
> From: paulh [mailto:paulh@grassoc.co.uk] 
> Sent: 11 October 2006 19:30
> To: log4net-user@logging.apache.org
> Subject: AllowPartiallyTrustedCallers Attribute
> Hi
> I have a problem running a web site medium trust with log4net 
> when it is not in the GAC - according to the MS security docs 
> this should be solvable if the AllowPartiallyTrustedCallers 
> attribute is added to the assembly.
> Any reason for not doing so?
> Also, how do I tell the nant build to strongly-name an 
> assembly - I've generated my key, but the assembly is still unsigned.
> Regards
> Paul

View raw message