[Mono-dev] Why does Mono's CoreCLR blocks internal method reflection from transparent code ?
Robert Jordan
robertj at gmx.net
Tue Mar 26 14:06:50 UTC 2013
On 24.03.2013 19:08, nelson wrote:
> I'm checking that code, at
> https://github.com/mono/mono/blob/master/mono/metadata/security-core-clr.c.
>
> If to "ensure that the specified method can be used with reflection since
> Transparent code cannot call Critical methods" is fine with me, why does
> CoreCLR also prevents transparent code to call internal transparent methods
> or properties through reflection ?
In Silverlight, reflection is as powerful as statically compiled
code. With other words, if the code does not compile due to member
access violations, then reflection won't help either.
While this rule doesn't add concrete security, it helps obscuring
stuff from application code w/out having to decorate members with
[SecurityCritical].
Robert
More information about the Mono-devel-list
mailing list