This may be a rather unedumecated question, but is there an issue with turning off AllowPartiallyTrustedCallers in the assemblies to make YAF compatible with .NET 4. when I converted the source project over I started getting all sorts of errors that I finally was able to trace to this attribute, which basically means you have to take an extremely granular approach to security access at least during reflection and I am sure just about everything although I cannot verify that since I can't get past the reflection issues with AllowPartiallyTrustedCallers set. Once it is turned off, however, it compiles and runs fine (at least up to the initial installation wizard|permissions test.

Now, my admittedly limited understanding of .NET security would mean I would have problems with 3rd party code (including my own) access the YAF assemblies, but if I understand correctly and I sign all my assemblies with a strong name key file wouldnt that take care of it for my own code accessing yah at least?

Hi,

You are correct. There is an issue with converting the existing YAF .NET v4. But, you can use YAF as a .NET v3.5 assembly even in a .NET v4 project with no issues. Frankly, only if you needed to make internal modifications to YAF that REQUIRED .NET v4 would this be an issue.

Thanks. Yeah I was assuming there would be issues converting over. Was wondering if turning off the allowing parially trusted user (assemblies) was a bad idea. I am sorry but my ingrained military background cringes at the thought of "partially trusted" :cheesy: My philosoph would be if I do not need to why not turn it off?

As far as converting it, it is sort of me exploring my boundaries and challenging myself just to see. Or is it just my stubbornness? Probably the later since I aint no saint 🙂

I suggest looking into Partially Trusted attribute. Not sure what you think it is -- but it's just a part of the security permission system for ASP.NET.

Good luck exploring.