SYSLIB0003：不支援程式碼存取安全性

程式碼存取安全性 (CAS) 是不受支援的舊版技術。 啟用 CAS 的基礎結構 (僅存在於 .NET Framework 2.x - 4.x 中) 已被取代，且不會接收服務或安全性修正程式。

因此，.NET 中大部分的程式碼存取安全性 (CAS) 相關型別從 .NET 5 開始已過時。 這包括 SecurityPermissionAttribute 在內的 CAS 屬性、包括 SocketPermission、EvidenceBase 在內的 CAS 權限物件、衍生類型，以及其他支援的 API。 使用這些 API 會在編譯時期產生警告 SYSLIB0003。

過時 CAS API 的完整清單如下所示：

• System.AppDomain.ExecuteAssembly(String, String[], Byte[], AssemblyHashAlgorithm)
• System.AppDomain.PermissionSet
• System.Configuration.ConfigurationPermission
• System.Configuration.ConfigurationPermissionAttribute
• System.Data.Common.DBDataPermission
• System.Data.Common.DBDataPermissionAttribute
• System.Data.Odbc.OdbcPermission
• System.Data.Odbc.OdbcPermissionAttribute
• System.Data.OleDb.OleDbPermission
• System.Data.OleDb.OleDbPermissionAttribute
• System.Data.OracleClient.OraclePermission
• System.Data.OracleClient.OraclePermissionAttribute
• System.Data.SqlClient.SqlClientPermission
• System.Data.SqlClient.SqlClientPermissionAttribute
• System.Diagnostics.EventLogPermission
• System.Diagnostics.EventLogPermissionAttribute
• System.Diagnostics.PerformanceCounterPermission
• System.Diagnostics.PerformanceCounterPermissionAttribute
• System.DirectoryServices.DirectoryServicesPermission
• System.DirectoryServices.DirectoryServicesPermissionAttribute
• System.Drawing.Printing.PrintingPermission
• System.Drawing.Printing.PrintingPermissionAttribute
• System.Net.DnsPermission
• System.Net.DnsPermissionAttribute
• System.Net.Mail.SmtpPermission
• System.Net.Mail.SmtpPermissionAttribute
• System.Net.NetworkInformation.NetworkInformationPermission
• System.Net.NetworkInformation.NetworkInformationPermissionAttribute
• System.Net.PeerToPeer.Collaboration.PeerCollaborationPermission
• System.Net.PeerToPeer.Collaboration.PeerCollaborationPermissionAttribute
• System.Net.PeerToPeer.PnrpPermission
• System.Net.PeerToPeer.PnrpPermissionAttribute
• System.Net.SocketPermission
• System.Net.SocketPermissionAttribute
• System.Net.WebPermission
• System.Net.WebPermissionAttribute
• System.Runtime.InteropServices.AllowReversePInvokeCallsAttribute
• System.Security.CodeAccessPermission
• System.Security.HostProtectionException
• System.Security.IPermission
• System.Security.IStackWalk
• System.Security.NamedPermissionSet
• System.Security.PermissionSet
• System.Security.Permissions.CodeAccessSecurityAttribute
• System.Security.Permissions.DataProtectionPermission
• System.Security.Permissions.DataProtectionPermissionAttribute
• System.Security.Permissions.DataProtectionPermissionFlags
• System.Security.Permissions.EnvironmentPermission
• System.Security.Permissions.EnvironmentPermissionAccess
• System.Security.Permissions.EnvironmentPermissionAttribute
• System.Security.Permissions.FileDialogPermission
• System.Security.Permissions.FileDialogPermissionAccess
• System.Security.Permissions.FileDialogPermissionAttribute
• System.Security.Permissions.FileIOPermission
• System.Security.Permissions.FileIOPermissionAccess
• System.Security.Permissions.FileIOPermissionAttribute
• System.Security.Permissions.GacIdentityPermission
• System.Security.Permissions.GacIdentityPermissionAttribute
• System.Security.Permissions.HostProtectionAttribute
• System.Security.Permissions.HostProtectionResource
• System.Security.Permissions.IUnrestrictedPermission
• System.Security.Permissions.IsolatedStorageContainment
• System.Security.Permissions.IsolatedStorageFilePermission
• System.Security.Permissions.IsolatedStorageFilePermissionAttribute
• System.Security.Permissions.IsolatedStoragePermission
• System.Security.Permissions.IsolatedStoragePermissionAttribute
• System.Security.Permissions.KeyContainerPermission
• System.Security.Permissions.KeyContainerPermissionAccessEntry
• System.Security.Permissions.KeyContainerPermissionAccessEntryCollection
• System.Security.Permissions.KeyContainerPermissionAccessEntryEnumerator
• System.Security.Permissions.KeyContainerPermissionAttribute
• System.Security.Permissions.KeyContainerPermissionFlags
• System.Security.Permissions.MediaPermission
• System.Security.Permissions.MediaPermissionAttribute
• System.Security.Permissions.MediaPermissionAudio
• System.Security.Permissions.MediaPermissionImage
• System.Security.Permissions.MediaPermissionVideo
• System.Security.Permissions.PermissionSetAttribute
• System.Security.Permissions.PermissionState
• System.Security.Permissions.PrincipalPermission
• System.Security.Permissions.PrincipalPermissionAttribute
• System.Security.Permissions.PublisherIdentityPermission
• System.Security.Permissions.PublisherIdentityPermissionAttribute
• System.Security.Permissions.ReflectionPermission
• System.Security.Permissions.ReflectionPermissionAttribute
• System.Security.Permissions.ReflectionPermissionFlag
• System.Security.Permissions.RegistryPermission
• System.Security.Permissions.RegistryPermissionAccess
• System.Security.Permissions.RegistryPermissionAttribute
• System.Security.Permissions.ResourcePermissionBase
• System.Security.Permissions.ResourcePermissionBaseEntry
• System.Security.Permissions.SecurityAction
• System.Security.Permissions.SecurityAttribute
• System.Security.Permissions.SecurityPermission
• System.Security.Permissions.SecurityPermissionAttribute
• System.Security.Permissions.SecurityPermissionFlag
• System.Security.Permissions.SiteIdentityPermission
• System.Security.Permissions.SiteIdentityPermissionAttribute
• System.Security.Permissions.StorePermission
• System.Security.Permissions.StorePermissionAttribute
• System.Security.Permissions.StorePermissionFlags
• System.Security.Permissions.StrongNameIdentityPermission
• System.Security.Permissions.StrongNameIdentityPermissionAttribute
• System.Security.Permissions.StrongNamePublicKeyBlob
• System.Security.Permissions.TypeDescriptorPermission
• System.Security.Permissions.TypeDescriptorPermissionAttribute
• System.Security.Permissions.TypeDescriptorPermissionFlags
• System.Security.Permissions.UIPermission
• System.Security.Permissions.UIPermissionAttribute
• System.Security.Permissions.UIPermissionClipboard
• System.Security.Permissions.UIPermissionWindow
• System.Security.Permissions.UrlIdentityPermission
• System.Security.Permissions.UrlIdentityPermissionAttribute
• System.Security.Permissions.WebBrowserPermission
• System.Security.Permissions.WebBrowserPermissionAttribute
• System.Security.Permissions.WebBrowserPermissionLevel
• System.Security.Permissions.ZoneIdentityPermission
• System.Security.Permissions.ZoneIdentityPermissionAttribute
• System.Security.Policy.ApplicationTrust.ApplicationTrust(PermissionSet, IEnumerable<StrongName>)
• System.Security.Policy.ApplicationTrust.FullTrustAssemblies
• System.Security.Policy.FileCodeGroup
• System.Security.Policy.GacInstalled
• System.Security.Policy.IIdentityPermissionFactory
• System.Security.Policy.PolicyLevel.AddNamedPermissionSet(NamedPermissionSet)
• System.Security.Policy.PolicyLevel.ChangeNamedPermissionSet(String, PermissionSet)
• System.Security.Policy.PolicyLevel.GetNamedPermissionSet(String)
• System.Security.Policy.PolicyLevel.RemoveNamedPermissionSet
• System.Security.Policy.PolicyStatement.PermissionSet
• System.Security.Policy.PolicyStatement.PolicyStatement
• System.Security.Policy.Publisher
• System.Security.Policy.Site
• System.Security.Policy.StrongName
• System.Security.Policy.StrongNameMembershipCondition
• System.Security.Policy.Url
• System.Security.Policy.Zone
• System.Security.SecurityContext
• System.Security.SecurityManager
• System.ServiceProcess.ServiceControllerPermission
• System.ServiceProcess.ServiceControllerPermissionAttribute
• System.Threading.Thread.GetCompressedStack()
• System.Threading.Thread.SetCompressedStack(CompressedStack)
• System.Transactions.DistributedTransactionPermission
• System.Transactions.DistributedTransactionPermissionAttribute
• System.Web.AspNetHostingPermission
• System.Web.AspNetHostingPermissionAttribute
• System.Xaml.Permissions.XamlLoadPermission

因應措施

• 如果您要判斷提示任何安全性權限，請移除判斷提示權限的屬性或呼叫。

  // REMOVE the attribute below.
  [SecurityPermission(SecurityAction.Assert, ControlThread = true)]
  public void DoSomething()
  {
  }
  public void DoAssert()
  {
      // REMOVE the line below.
      new SecurityPermission(SecurityPermissionFlag.ControlThread).Assert();
  }
  

• 如果您要拒絕或限制任何權限 (透過 PermitOnly)，請連絡安全顧問。 由於 .NET 5+ 執行階段不接受 CAS 屬性，因此，如果應用程式不正確地依賴 CAS 基礎結構以限制對這些方法的存取，可能會出現安全性漏洞。

  // REVIEW the attribute below; could indicate security vulnerability.
  [SecurityPermission(SecurityAction.Deny, ControlThread = true)]
  public void DoSomething()
  {
  }
  public void DoPermitOnly()
  {
      // REVIEW the line below; could indicate security vulnerability.
      new SecurityPermission(SecurityPermissionFlag.ControlThread).PermitOnly();
  }
  

• 如果您需要任何權限 (PrincipalPermission 除外)，請移除需求。 所有需求在執行階段都會成功。

  // REMOVE the attribute below; it will always succeed.
  [SecurityPermission(SecurityAction.Demand, ControlThread = true)]
  public void DoSomething()
  {
  }
  public void DoDemand()
  {
      // REMOVE the line below; it will always succeed.
      new SecurityPermission(SecurityPermissionFlag.ControlThread).Demand();
  }
  

• 如果您需要 PrincipalPermission，請參閱 SYSLIB0002：PrincipalPermissionAttribute 已過時的指引。 PrincipalPermission 和 PrincipalPermissionAttribute 均適用該指引。

隱藏警告

若您必須使用已淘汰的 API，您可以在程式碼或專案檔中隱藏警告。

若要只隱藏單一違規，請將前置處理器指示詞新增至原始程式碼檔案，以停用並重新啟用警告。

// Disable the warning.
#pragma warning disable SYSLIB0003

// Code that uses obsolete API.
// ...

// Re-enable the warning.
#pragma warning restore SYSLIB0003

若要隱藏專案中的所有 SYSLIB0003 警告，請將 <NoWarn> 屬性新增至專案檔。

<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
   ...
   <NoWarn>$(NoWarn);SYSLIB0003</NoWarn>
  </PropertyGroup>
</Project>

如需詳細資訊，請參閱隱藏警告。

另請參閱

• SYSLIB0002：PrincipalPermissionAttribute 已淘汰