> Ian Griffiths <[EMAIL PROTECTED]> wrote: > > >By default a strongly-named assembly can only be called by > > full-trusted callers. I think this is intended as a 'secure by > > default' setting, because it should reduce the chances of > > someone being able to use the luring attack > > on such an assembly. > > Why are they equating strongly named with trusted or secure?
I think the real question is: why don't they apply this policy to *all* components, not just strongly-named ones? > >But if you want your strongly-named assembly to be callable > > by partially trusted callers, just apply the > > AllowPartiallyTrustedCallersAttribute to your assembly: > > > >[assembly:AllowPartiallyTrustedCallersAttribute] > > Thanks for work around. It's not a work around. It's the way to do it. There's a difference - 'work around' implies that this is a bug in the first place, which it isn't. -- Ian Griffiths DevelopMentor You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
