summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth/Properties/AssemblyInfo.cs47
1 files changed, 0 insertions, 47 deletions
diff --git a/src/DotNetOpenAuth/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth/Properties/AssemblyInfo.cs
index ce08780..a63c71e 100644
--- a/src/DotNetOpenAuth/Properties/AssemblyInfo.cs
+++ b/src/DotNetOpenAuth/Properties/AssemblyInfo.cs
@@ -4,18 +4,6 @@
// </copyright>
//-----------------------------------------------------------------------
-// Uncomment this line to build a partially trusted assembly.
-// This has some security bonuses in that if there was a way to
-// hijack this assembly to do something it is not designed to do,
-// it will fail before doing much damage.
-// But a partially trusted assembly's events, handled by the hosting
-// web site, will also be under the partial trust restriction.
-// Also note that http://support.microsoft.com/kb/839300 states a
-// strong-name signed assembly must use AllowPartiallyTrustedCallers
-// to be called from a web page, but defining PARTIAL_TRUST below also
-// accomplishes this.
-////#define PARTIAL_TRUST
-
// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build.
using System;
@@ -69,38 +57,3 @@ using System.Web.UI;
#else
[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")]
#endif
-
-#if !CLR4
-
-// Specify what permissions are required and optional for the assembly.
-// In order for CAS to remove unnecessary privileges from this assembly (which is desirable
-// for security), we need at least one RequestMinimum and at least one RequestOptional.
-// These permissions were determined using PermCalc.exe
-
-// We need to be allowed to execute code. Besides, it gives a good baseline RequestMinimum permission.
-[assembly: SecurityPermission(SecurityAction.RequestMinimum, Execution = true)]
-
-// Allows the consumer to call out to the web server. This is unnecessary in provider-only scenarios.
-// Note: we don't use a single demand for https?://.* because the regex pattern must exactly
-// match the one used by hosting providers. Listing them individually seems to be more common.
-[assembly: WebPermission(SecurityAction.RequestMinimum, ConnectPattern = @"http://.*")]
-[assembly: WebPermission(SecurityAction.RequestMinimum, ConnectPattern = @"https://.*")]
-#if PARTIAL_TRUST
-// Allows hosting this assembly in an ASP.NET setting. Not all applications
-// will host this using ASP.NET, so this is optional. Besides, we need at least
-// one optional permission to activate CAS permission shrinking.
-[assembly: AspNetHostingPermission(SecurityAction.RequestOptional, Level = AspNetHostingPermissionLevel.Medium)]
-
-// Allows this assembly to store reporting data.
-[assembly: IsolatedStorageFilePermission(SecurityAction.RequestOptional, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
-
-// The following are only required for diagnostic logging (Trace.Write, Debug.Assert, etc.).
-#if TRACE || DEBUG
-[assembly: KeyContainerPermission(SecurityAction.RequestOptional, Unrestricted = true)]
-[assembly: ReflectionPermission(SecurityAction.RequestOptional, MemberAccess = true)]
-[assembly: RegistryPermission(SecurityAction.RequestOptional, Unrestricted = true)]
-[assembly: SecurityPermission(SecurityAction.RequestOptional, ControlEvidence = true, UnmanagedCode = true, ControlThread = true)]
-[assembly: FileIOPermission(SecurityAction.RequestOptional, AllFiles = FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read)]
-#endif // TRACE || DEBUG
-#endif // PARTIAL_TRUST
-#endif // CLR4