CS.SV.LINK_DEMAND.LEVEL2
Level 2 assemblies should not contain LinkDemands.
LinkDemands are deprecated in the level 2 security rule set. Instead of using LinkDemands to enforce security at just-in-time (JIT) compilation time, mark the methods, types, and fields with the SecurityCriticalAttribute attribute.
Mitigation and prevention
To fix a violation of this rule, remove the LinkDemand and mark the type or member with the SecurityCriticalAttribute attribute.
Vulnerable code example
2 using System; 3 using System.Security; 4 using System.Security.Permissions; 5 6 namespace TransparencyWarningsDemo 7 { 8 9 public class MethodsProtectedWithLinkDemandsClass 10 { 11 // CA2135 violation - the LinkDemand should be removed, and the method marked [SecurityCritical] instead 12 [SecurityPermission(SecurityAction.LinkDemand, UnmanagedCode = true)] 13 public void ProtectedMethod() 14 { 15 } 16 } 17 }
In the example, the LinkDemand should be removed and the method marked with the SecurityCriticalAttribute attribute.