Home/ Questions/Q 7863691
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T23:33:45+00:00

I have run security check on my application, and got the following warning: ‘Parser.GenerateJeffpReport(string)’

  • 0

I have run security check on my application, and got the following warning:

‘Parser.GenerateJeffpReport(string)’ calls into ‘Process.Start()’
which has a LinkDemand. By making this call, ‘Process.Start()’ is
indirectly exposed to user code. Review the following call stack that
might expose a way to circumvent security protection:

I have googled it, and found this question:

what does this security warning mean (.Net Process class)?

I tried to do as the recomended answer, i.e. set my method with: 

[PermissionSetAttribute(SecurityAction.LinkDemand, Name="FullTrust")]

However, I got the following warning:

Microsoft.Security : ‘Parser.ParseJeff(string)’ is protected with a
LinkDemand for ‘PermissionSetAttribute’. In the level 2 security rule
set, it should be protected by being security critical instead.
Remove the LinkDemand and mark ‘Parser.ParseJeff(string)’ security
critical.

What shall I do? What is the meaning of all of it anyway? why is it a security issue? I didn’t found microsoft documentation at ths topic helpfull at all.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    replace 

    [PermissionSetAttribute(SecurityAction.LinkDemand, Name="FullTrust")]

    with

    [SecurityCritical]

    The SecurityCriticalAttribute is equivalent to a link demand for full
    trust. A type or member marked with the SecurityCriticalAttribute can
    be called only by fully trusted code; it does not have to demand
    specific permissions. It cannot be called by partially trusted code.

    • 0