Managed Code
Category | Chapter | Check |
FxCop has no security complaints | 18 | |
No sensitive data in XML or configuration files | 18 | |
Classes are marked final, if appropriate | 18 | |
Inheritance demands on classes, if appropriate | 18 | |
All assemblies are strong-named | 18 | |
Assemblies use RequestMinimum to define the must-have grant set | 18 | |
Assemblies use RequestRefuse to reject specific permissions | 18 | |
Assemblies use RequestOptional to outline optional permissions that may be required | 18 | |
Assemblies that allow partial trust are thoroughly reviewed and have a valid partial-trust scenario | 18 | |
Demand appropriate permissions | 18 | |
Assert is followed by RevertAssert to keep the time a permission is asserted short | 18 | |
Code that denies access based on a filename is carefully checked | 18 | |
Assert trumps calls to PermitOnly and Deny further up the stack. Check code that attempts to operate otherwise. | 18 | |
LinkDemand thoroughly audited for correctness. Are link demands really required? | 18 | |
No stack trace provided to untrusted users | 18 | |
SuppressUnmanagedCodeSecurityAttribute used with caution | 18 | |
Managed wrappers to unmanaged code checked for correctness | 18 | |