transparent code

The security-transparent code would not be able to see the private or internal members of the security-critical code.

Security-transparent code passes all the security requirements of the code it calls back to its callers.

Security transparent code should not be responsible for verifying the security of an operation, and therefore should not demand permissions.

Can be applied to private or internal security-critical members to enable security-transparent code in the assembly to access those members.

This method is security-critical to prevent the exposure of any information about the stack depth to transparent code.

Any link demand that would be satisfied by security-transparent code becomes a full demand.

Security-critical types and members within a level 1 assembly can be accessed by security-transparent code in other assemblies.

Otherwise, security-transparent code cannot access private or internal security-critical members in the same assembly.

Demands that flow through the security-transparent code cannot elevate privileges.

Security-critical types and members that are public are accessible from security-transparent code.

Security-transparent code cannot call types or members that are identified as security-critical.

Members are accessible by transparent code within the assembly.

The three tenets of this model are transparent code, security-safe-critical code, and security-critical code.

The potential exists for transparent code to do harmful things when run in full trust.

Security-safe-critical code is fully trusted but is callable by transparent code.

A security-critical method is accessed from transparent code.

The security-transparent code cannot stop the demand because it cannot perform assert actions.

The security-transparent code cannot stop the demand because it cannot perform asserts.

For example, binding rules prevent transparent code from calling critical code directly via a transparent delegate.