13.8 Restrict Who Can Extend Your Classes and Override Class Members


Problem

You need to control who can extend your classes through inheritance and which class members a derived class can override.

Solution

Use declarative security statements to apply the SecurityAction.InheritanceDemand member to the declarations of the classes and members that you need to protect.

Discussion

Language modifiers such as sealed, public, private, and virtual give you a level of control over the ability of classes to inherit from your class and override its members. However, these modifiers are inflexible, providing no selectivity in restricting which code can extend a class or override its members. For example, you might want to allow only code written by your company or department to extend business-critical classes, or perhaps you want to allow only code loaded from the local machine to extend certain methods. By applying an InheritanceDemand to your class or member declaration, you can specify runtime permissions that a class must have to extend your class or override particular members. Remember that the permissions of a class are the permissions of the assembly in which the class is declared.

Although you can demand any permission or permission set in your InheritanceDemand, it's more common to demand identity permissions. Identity permissions represent evidence presented to the runtime by an assembly. If an assembly presents certain types of evidence at load time, the runtime will automatically assign the assembly the appropriate identity permission. Identity permissions allow you to use regular imperative and declarative security statements to base security decisions directly on code identity without the need to evaluate evidence objects directly. Table 13-1 lists the type of identity permission generated for each type of evidence. (Evidence types are members of the System.Security.Policy namespace, and identity permission types are members of the System.Security.Permissions namespace.)

Table 13-1: Evidence Classes That Generate Identity Permissions

    Evidence Class          Identity Permission
    ----------------------  ----------------------------
    ApplicationDirectory    None
    Hash                    None
    Publisher               PublisherIdentityPermission
    Site                    SiteIdentityPermission
    StrongName              StrongNameIdentityPermission
    Url                     UrlIdentityPermission
    Zone                    ZoneIdentityPermission

Note  

The runtime assigns identity permissions to an assembly based on the evidence presented by the assembly. You can't assign additional identity permissions to an assembly through the configuration of security policy.
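
Added example (not from the book): a small console program that enumerates an assembly's host evidence and reports the identity permission generated from each evidence object. This is the mapping in Table 13-1, and it shows which identity-based InheritanceDemand an assembly could satisfy. The names IdentityPermissionLister and Describe are hypothetical, and the code assumes the .NET Framework, where Assembly.Evidence is available.

```csharp
using System;
using System.Collections;
using System.Reflection;
using System.Security;
using System.Security.Policy;

// Hypothetical helper, added for illustration.
public static class IdentityPermissionLister
{
    // Returns one line per host-evidence object of the assembly, naming the
    // identity permission (if any) that the evidence object generates.
    public static ArrayList Describe(Assembly assembly)
    {
        ArrayList lines = new ArrayList();
        Evidence evidence = assembly.Evidence;
        IEnumerator e = evidence.GetHostEnumerator();
        while (e.MoveNext())
        {
            object item = e.Current;
            // Evidence classes that generate an identity permission implement
            // IIdentityPermissionFactory; the others (for example Hash) do not.
            IIdentityPermissionFactory factory = item as IIdentityPermissionFactory;
            string permission = "None";
            if (factory != null)
            {
                IPermission p = factory.CreateIdentityPermission(evidence);
                if (p != null) permission = p.GetType().Name;
            }
            lines.Add(item.GetType().Name + " -> " + permission);
        }
        return lines;
    }

    public static void Main(string[] args)
    {
        // With no argument, inspect this program itself. LoadFrom loads the
        // target into the process, so pass only assemblies you are willing to load.
        Assembly target = args.Length > 0
            ? Assembly.LoadFrom(args[0])
            : Assembly.GetExecutingAssembly();
        foreach (string line in Describe(target)) Console.WriteLine(line);
    }
}
```

The lines printed depend on how the assembly was loaded and signed: a strong-named assembly shows a StrongName entry, and an Authenticode-signed one shows a Publisher entry. Starting with .NET Framework 2.0, a demand for an identity permission is also satisfied by any fully trusted assembly, whatever evidence it presents.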

You must use declarative security syntax to implement an InheritanceDemand, and so you must use the attribute counterpart of the permission class that you want to demand. All permission classes have an attribute counterpart that you use to construct declarative security statements, including InheritanceDemand. For example, the attribute counterpart of PublisherIdentityPermission is PublisherIdentityPermissionAttribute, and the attribute counterpart of StrongNameIdentityPermission is StrongNameIdentityPermissionAttribute; all permissions and their attribute counterparts follow the same naming convention and are members of the same namespace.

To control which code can extend your class, apply the InheritanceDemand to the class declaration. This code fragment shows a class protected with an InheritanceDemand. Only classes in assemblies signed by the publisher certificate contained in the pubcert.cer file can derive from the InheritanceDemandExample class. The contents of the pubcert.cer file are read at compile time, and the necessary certificate information is built into the assembly.

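    using System.Security.Permissions;

    // Only classes in assemblies signed with the certificate in pubcert.cer may derive from this class.
    [PublisherIdentityPermission(SecurityAction.InheritanceDemand,
        CertFile = @"C:\CSharpCookbook - Runtime Security\pubcert.cer")]
    public class InheritanceDemandExample {
    }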

To control which code can override specific members, apply the InheritanceDemand to the member declaration. The InheritanceDemand on the following method allows only classes granted the FullTrust permission set to override the method SomeProtectedMethod.

    // Declared virtual so that derived classes can override it, subject to the demand.
    [PermissionSet(SecurityAction.InheritanceDemand, Name="FullTrust")]
    public virtual void SomeProtectedMethod() {
    }



C# Programmer's Cookbook
ISBN: 735619301
EAN: N/A
Year: 2006
Pages: 266
