DeepSource
Dashboard Resources Pricing Discover Directory Log in

Run your first analysis.

Find thousands of code security and quality issues in your codebase, before they end up in production.

Start now
C#

C#

Made by DeepSource
Use Analyzer

Security attribute is ineffective due to parent scope's attribute CS-S1008

Security
Critical
 a05 owasp top 10

The SecurityCritical attribute specifies that code or an assembly performs security-critical operations whereas the SecuritySafeCritical attribute marks types or members as security-critical and safely accessible by transparent code. If SecuritySafeCritical is inside the scope of SecurityCritical or vice-versa, the inner security attribute becomes redundant and is no longer effective. Consider dropping such redundant attributes.

Bad Practice

using System;
using System.Security;

namespace CSharp;

[SecurityCritical]
public class Foo
{
    [SecuritySafeCritical]
    public void Bar()
    {
    }
}

Recommended

using System;
using System.Security;

namespace CSharp;

[SecurityCritical]
public class Foo
{
    public void Bar()
    {
    }
}

Reference