TypeLoadException based on Security-Transparent Code, Level 2

I’ve encountered a new exception when using ASP.NET 4.0 Beta 2.


Inheritance security rules violated while overriding member: 'PeterBlum.DataSources.EntityDAO.SelectArgs.System.Runtime.Serialization.ISerializable.GetObjectData(System.Runtime.Serialization.SerializationInfo, System.Runtime.Serialization.StreamingContext)'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.

This occurred in different places with code that worked in ASP.NET 3.5.

  • Using the ISerializable interface, as shown above
  • During compilation when the web controls assembly also contain ControlDesigner code.

It started happening for me when I added the AllowPartiallyTrustedCallersAttribute to my web controls assembly.

It is due to the new Security-Transparent Code, Level 2 features of ASP.NET 2.

Read its documentation to better learn what it does. For me, my goal was to avoid it.

The solution was to add the new SecurityRulesAttribute to your assembly, in the AssemblyInfo.cs/vb file.

[assembly: System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]

This attribute turns off the features of Security-Transparent Code, Level 2.

Update Dec 1, 2009

Here is another error message that I encountered which is resolved the same way. It appears as a compiler error message.

Inheritance security rules violated by type: 'Class'. Derived types must either match the security accessibility of the base type or be less accessible.



  • Thanks Peter. Ran into the same issue. You ever find out what exactly is causing the error when the security level stays set at Level2? I mean it's a ControlDesigner and no matter what the inheritance is set to (public, internal) it fails for me - but only in 1 specific project. In other 4.0 projects it works fine oddly. No special attributes.

    This is the kind of .NET stuff that drives me absolutely batty because nobody except the designers really know what the heck is actually happening with the security chain.

    Thanks for your help here though - the attribute gets me by for now to ship out some code :-)

  • Hi Rick,

    I have not explored the issue beyond this posting. Once satisfied with a wordaround, I moved on.

Comments have been disabled for this content.