Silverlight Security Cheat Sheet

Over the last week we took a look at the new Silverlight security model.  When you're writing a Silverlight application though, there's a lot of information there that you may not want to wade through to get yourself unblocked.  Here's a quick cheat sheet highlighting the important points that you'll need to know when working with the Silverlight security model:

  • All applications written for Silverlight are security transparent.  This means that they cannot: [details]
    • Contain unverifiable code
    • Call native code directly
  • Silverlight applications can access public methods exposed by platform assemblies which are either: [details]
    • Security transparent (neither the defining type nor the method has any security attributes)
    • Security safe critical (the method has a SecuritySafeCriticalAttribute)
  • Silverlight applications may contain types which derive from: [details]
    • Other types defined in the application
    • Unsealed, public, security transparent types and interfaces defined by the platform
  • Silverlight applications may contain types which override virtual methods and implements interface methods which are: [details]
    • Defined in the application itself
    • Defined by the platform and are transparent or safe critical