Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have to move some old .NET 2 code to the .NET 4 project. It has the next line:
`return Assembly.LoadFrom(filePath, Assembly.GetExecutingAssembly().Evidence);`
As it said in Microsoft’s (MSDN):
Note: This API is now obsolete. The non-obsolete alternative is LoadFrom(String).
I’m not familiar with the Evidence class. What is the risk of just removing the Evidence parameter from the call? What is the real case when the Evidence parameter is necessary?
Thanks in advance for the help
The evidence argument was used to provide data that the Code Access Security (CAS) policy mechanism could use when deciding which CAS permissions to grant to the assembly being loaded. However, in .NET 4.0, the “naked” CLR no longer uses CAS policy ( http://blogs.msdn.com/b/shawnfa/archive/2010/02/24/so-is-cas-dead-in-net-4-or-what.aspx, http://blogs.msdn.com/b/shawnfa/archive/2009/06/12/clr-v4-security-policy-roundup.aspx), so the used of evidence in API has been deprecated. There are usually only two reasons why one might have provided evidence in a LoadFrom call in code targeting an earlier .NET version:
For #1, you probably have nothing to do in .NET 4.0 since all code will run with unrestricted CAS permissions (aka “full trust”) by default. For #2, the recommended approach is to use a sandboxed appdomain.