SYSLIB0003: Code access security is not supported

Code access security (CAS) is an unsupported, legacy technology. The infrastructure to enable CAS, which exists only in .NET Framework 2.x - 4.x, is deprecated and not receiving servicing or security fixes.

As a result, most code access security (CAS)-related types in .NET are obsolete, starting in .NET 5. This includes CAS attributes, such as SecurityPermissionAttribute, CAS permission objects, such as SocketPermission, EvidenceBase-derived types, and other supporting APIs. Using these APIs generates warning SYSLIB0003 at compile time.

The complete list of obsolete CAS APIs is as follows:

• System.AppDomain.ExecuteAssembly(String, String[], Byte[], AssemblyHashAlgorithm)
• System.AppDomain.PermissionSet
• System.Configuration.ConfigurationPermission
• System.Configuration.ConfigurationPermissionAttribute
• System.Data.Common.DBDataPermission
• System.Data.Common.DBDataPermissionAttribute
• System.Data.Odbc.OdbcPermission
• System.Data.Odbc.OdbcPermissionAttribute
• System.Data.OleDb.OleDbPermission
• System.Data.OleDb.OleDbPermissionAttribute
• System.Data.OracleClient.OraclePermission
• System.Data.OracleClient.OraclePermissionAttribute
• System.Data.SqlClient.SqlClientPermission
• System.Data.SqlClient.SqlClientPermissionAttribute
• System.Diagnostics.EventLogPermission
• System.Diagnostics.EventLogPermissionAttribute
• System.Diagnostics.PerformanceCounterPermission
• System.Diagnostics.PerformanceCounterPermissionAttribute
• System.DirectoryServices.DirectoryServicesPermission
• System.DirectoryServices.DirectoryServicesPermissionAttribute
• System.Drawing.Printing.PrintingPermission
• System.Drawing.Printing.PrintingPermissionAttribute
• System.Net.DnsPermission
• System.Net.DnsPermissionAttribute
• System.Net.Mail.SmtpPermission
• System.Net.Mail.SmtpPermissionAttribute
• System.Net.NetworkInformation.NetworkInformationPermission
• System.Net.NetworkInformation.NetworkInformationPermissionAttribute
• System.Net.PeerToPeer.Collaboration.PeerCollaborationPermission
• System.Net.PeerToPeer.Collaboration.PeerCollaborationPermissionAttribute
• System.Net.PeerToPeer.PnrpPermission
• System.Net.PeerToPeer.PnrpPermissionAttribute
• System.Net.SocketPermission
• System.Net.SocketPermissionAttribute
• System.Net.WebPermission
• System.Net.WebPermissionAttribute
• System.Runtime.InteropServices.AllowReversePInvokeCallsAttribute
• System.Security.CodeAccessPermission
• System.Security.HostProtectionException
• System.Security.IPermission
• System.Security.IStackWalk
• System.Security.NamedPermissionSet
• System.Security.PermissionSet
• System.Security.Permissions.CodeAccessSecurityAttribute
• System.Security.Permissions.DataProtectionPermission
• System.Security.Permissions.DataProtectionPermissionAttribute
• System.Security.Permissions.DataProtectionPermissionFlags
• System.Security.Permissions.EnvironmentPermission
• System.Security.Permissions.EnvironmentPermissionAccess
• System.Security.Permissions.EnvironmentPermissionAttribute
• System.Security.Permissions.FileDialogPermission
• System.Security.Permissions.FileDialogPermissionAccess
• System.Security.Permissions.FileDialogPermissionAttribute
• System.Security.Permissions.FileIOPermission
• System.Security.Permissions.FileIOPermissionAccess
• System.Security.Permissions.FileIOPermissionAttribute
• System.Security.Permissions.GacIdentityPermission
• System.Security.Permissions.GacIdentityPermissionAttribute
• System.Security.Permissions.HostProtectionAttribute
• System.Security.Permissions.HostProtectionResource
• System.Security.Permissions.IUnrestrictedPermission
• System.Security.Permissions.IsolatedStorageContainment
• System.Security.Permissions.IsolatedStorageFilePermission
• System.Security.Permissions.IsolatedStorageFilePermissionAttribute
• System.Security.Permissions.IsolatedStoragePermission
• System.Security.Permissions.IsolatedStoragePermissionAttribute
• System.Security.Permissions.KeyContainerPermission
• System.Security.Permissions.KeyContainerPermissionAccessEntry
• System.Security.Permissions.KeyContainerPermissionAccessEntryCollection
• System.Security.Permissions.KeyContainerPermissionAccessEntryEnumerator
• System.Security.Permissions.KeyContainerPermissionAttribute
• System.Security.Permissions.KeyContainerPermissionFlags
• System.Security.Permissions.MediaPermission
• System.Security.Permissions.MediaPermissionAttribute
• System.Security.Permissions.MediaPermissionAudio
• System.Security.Permissions.MediaPermissionImage
• System.Security.Permissions.MediaPermissionVideo
• System.Security.Permissions.PermissionSetAttribute
• System.Security.Permissions.PermissionState
• System.Security.Permissions.PrincipalPermission
• System.Security.Permissions.PrincipalPermissionAttribute
• System.Security.Permissions.PublisherIdentityPermission
• System.Security.Permissions.PublisherIdentityPermissionAttribute
• System.Security.Permissions.ReflectionPermission
• System.Security.Permissions.ReflectionPermissionAttribute
• System.Security.Permissions.ReflectionPermissionFlag
• System.Security.Permissions.RegistryPermission
• System.Security.Permissions.RegistryPermissionAccess
• System.Security.Permissions.RegistryPermissionAttribute
• System.Security.Permissions.ResourcePermissionBase
• System.Security.Permissions.ResourcePermissionBaseEntry
• System.Security.Permissions.SecurityAction
• System.Security.Permissions.SecurityAttribute
• System.Security.Permissions.SecurityPermission
• System.Security.Permissions.SecurityPermissionAttribute
• System.Security.Permissions.SecurityPermissionFlag
• System.Security.Permissions.SiteIdentityPermission
• System.Security.Permissions.SiteIdentityPermissionAttribute
• System.Security.Permissions.StorePermission
• System.Security.Permissions.StorePermissionAttribute
• System.Security.Permissions.StorePermissionFlags
• System.Security.Permissions.StrongNameIdentityPermission
• System.Security.Permissions.StrongNameIdentityPermissionAttribute
• System.Security.Permissions.StrongNamePublicKeyBlob
• System.Security.Permissions.TypeDescriptorPermission
• System.Security.Permissions.TypeDescriptorPermissionAttribute
• System.Security.Permissions.TypeDescriptorPermissionFlags
• System.Security.Permissions.UIPermission
• System.Security.Permissions.UIPermissionAttribute
• System.Security.Permissions.UIPermissionClipboard
• System.Security.Permissions.UIPermissionWindow
• System.Security.Permissions.UrlIdentityPermission
• System.Security.Permissions.UrlIdentityPermissionAttribute
• System.Security.Permissions.WebBrowserPermission
• System.Security.Permissions.WebBrowserPermissionAttribute
• System.Security.Permissions.WebBrowserPermissionLevel
• System.Security.Permissions.ZoneIdentityPermission
• System.Security.Permissions.ZoneIdentityPermissionAttribute
• System.Security.Policy.ApplicationTrust.ApplicationTrust(PermissionSet, IEnumerable<StrongName>)
• System.Security.Policy.ApplicationTrust.FullTrustAssemblies
• System.Security.Policy.FileCodeGroup
• System.Security.Policy.GacInstalled
• System.Security.Policy.IIdentityPermissionFactory
• System.Security.Policy.PolicyLevel.AddNamedPermissionSet(NamedPermissionSet)
• System.Security.Policy.PolicyLevel.ChangeNamedPermissionSet(String, PermissionSet)
• System.Security.Policy.PolicyLevel.GetNamedPermissionSet(String)
• System.Security.Policy.PolicyLevel.RemoveNamedPermissionSet
• System.Security.Policy.PolicyStatement.PermissionSet
• System.Security.Policy.PolicyStatement.PolicyStatement
• System.Security.Policy.Publisher
• System.Security.Policy.Site
• System.Security.Policy.StrongName
• System.Security.Policy.StrongNameMembershipCondition
• System.Security.Policy.Url
• System.Security.Policy.Zone
• System.Security.SecurityContext
• System.Security.SecurityManager
• System.ServiceProcess.ServiceControllerPermission
• System.ServiceProcess.ServiceControllerPermissionAttribute
• System.Threading.Thread.GetCompressedStack()
• System.Threading.Thread.SetCompressedStack(CompressedStack)
• System.Transactions.DistributedTransactionPermission
• System.Transactions.DistributedTransactionPermissionAttribute
• System.Web.AspNetHostingPermission
• System.Web.AspNetHostingPermissionAttribute
• System.Xaml.Permissions.XamlLoadPermission

Workarounds

• If you're asserting any security permission, remove the attribute or call that asserts the permission.

  // REMOVE the attribute below.
  [SecurityPermission(SecurityAction.Assert, ControlThread = true)]
  public void DoSomething()
  {
  }
  public void DoAssert()
  {
      // REMOVE the line below.
      new SecurityPermission(SecurityPermissionFlag.ControlThread).Assert();
  }
  

• If you're denying or restricting (via PermitOnly) any permission, contact your security advisor. Because CAS attributes are not honored by the .NET 5+ runtime, your application could have a security hole if it incorrectly relies on the CAS infrastructure to restrict access to these methods.

  // REVIEW the attribute below; could indicate security vulnerability.
  [SecurityPermission(SecurityAction.Deny, ControlThread = true)]
  public void DoSomething()
  {
  }
  public void DoPermitOnly()
  {
      // REVIEW the line below; could indicate security vulnerability.
      new SecurityPermission(SecurityPermissionFlag.ControlThread).PermitOnly();
  }
  

• If you're demanding any permission (except PrincipalPermission), remove the demand. All demands will succeed at run time.

  // REMOVE the attribute below; it will always succeed.
  [SecurityPermission(SecurityAction.Demand, ControlThread = true)]
  public void DoSomething()
  {
  }
  public void DoDemand()
  {
      // REMOVE the line below; it will always succeed.
      new SecurityPermission(SecurityPermissionFlag.ControlThread).Demand();
  }
  

• If you're demanding PrincipalPermission, consult the guidance for SYSLIB0002: PrincipalPermissionAttribute is obsolete. That guidance applies for both PrincipalPermission and PrincipalPermissionAttribute.

Suppress a warning

If you must use the obsolete APIs, you can suppress the warning in code or in your project file.

To suppress only a single violation, add preprocessor directives to your source file to disable and then re-enable the warning.

// Disable the warning.
#pragma warning disable SYSLIB0003

// Code that uses obsolete API.
// ...

// Re-enable the warning.
#pragma warning restore SYSLIB0003

To suppress all the SYSLIB0003 warnings in your project, add a <NoWarn> property to your project file.

<Project Sdk="Microsoft.NET.Sdk">
  <PropertyGroup>
   ...
   <NoWarn>$(NoWarn);SYSLIB0003</NoWarn>
  </PropertyGroup>
</Project>

For more information, see Suppress warnings.

See also

• SYSLIB0002: PrincipalPermissionAttribute is obsolete