Closed jonpryor closed 4 years ago
Context: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1139578 Context: https://liquid.microsoft.com/Web/Object/Read/ms.security/Requirements/Microsoft.Security.SystemsADM.10039#guide
The current security guidance is that the System.Runtime.InteropServices.DefaultDllImportSearchPathsAttribute attribute should be placed either on the assembly or on [DllImport] methods, to control and constrain where LoadLibraryEx() will look for native libraries.
System.Runtime.InteropServices.DefaultDllImportSearchPathsAttribute
[DllImport]
LoadLibraryEx()
The advice is to use:
[assembly: DefaultDllImportSearchPathsAttribute(DllImportSearchPath.SafeDirectories)]
Context: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1139578 Context: https://liquid.microsoft.com/Web/Object/Read/ms.security/Requirements/Microsoft.Security.SystemsADM.10039#guide
The current security guidance is that the
System.Runtime.InteropServices.DefaultDllImportSearchPathsAttributeattribute should be placed either on the assembly or on[DllImport]methods, to control and constrain whereLoadLibraryEx()will look for native libraries.The advice is to use: