<NetFx40_LegacySecurityPolicy> Element
Specifies whether the runtime uses legacy code access security (CAS) policy.
<configuration>
<runtime>
<NetFx40_LegacySecurityPolicy>
Note
Code Access Security (CAS) has been deprecated across all versions of .NET Framework and .NET. Recent versions of .NET do not honor CAS annotations and produce errors if CAS-related APIs are used. Developers should seek alternative means of accomplishing security tasks.
Syntax
<NetFx40_LegacySecurityPolicy
enabled="true|false"/>
Attributes and Elements
The following sections describe attributes, child elements, and parent elements.
Attributes
| Attribute | Description |
|---|---|
enabled |
Required attribute. Specifies whether the runtime uses legacy CAS policy. |
enabled Attribute
| Value | Description |
|---|---|
false |
The runtime does not use legacy CAS policy. This is the default. |
true |
The runtime uses legacy CAS policy. |
Child Elements
None.
Parent Elements
| Element | Description |
|---|---|
configuration |
The root element in every configuration file used by the common language runtime and .NET Framework applications. |
runtime |
Contains information about runtime initialization options. |
Remarks
In the .NET Framework version 3.5 and earlier versions, CAS policy is always in effect. In the .NET Framework 4, CAS policy must be enabled.
CAS policy is version-specific. Custom CAS policies that exist in earlier versions of the .NET Framework must be respecified in the .NET Framework 4.
Applying the <NetFx40_LegacySecurityPolicy> element to a .NET Framework 4 assembly does not affect security-transparent code; the transparency rules still apply.
Important
Applying the <NetFx40_LegacySecurityPolicy> element can result in significant performance penalties for native image assemblies created by the Native Image Generator (Ngen.exe) that are not installed in the global assembly cache. The performance degradation is caused by the inability of the runtime to load the assemblies as native images when the attribute is applied, resulting in their being loaded as just-in-time assemblies.
Note
If you specify a target .NET Framework version that is earlier than the .NET Framework 4 in the project settings for your Visual Studio project, CAS policy will be enabled, including any custom CAS policies you specified for that version. However, you will not be able to use new .NET Framework 4 types and members. You can also specify an earlier version of the .NET Framework by using the <supportedRuntime> element in the startup settings schema in your application configuration file.
Note
Configuration file syntax is case-sensitive. You should use the syntax as provided in the Syntax and Example sections.
Configuration File
This element can be used only in the application configuration file.
Example
The following example shows how to enable legacy CAS policy for an application.
<configuration>
<runtime>
<NetFx40_LegacySecurityPolicy enabled="true"/>
</runtime>
</configuration>
