C# security - LinkDemand or SecurityCritical or any explanation?

Question

I have run security check on my application, and got the following warning:

'Parser.GenerateJeffpReport(string)' calls into 'Process.Start()' which has a LinkDemand. By making this call, 'Process.Start()' is indirectly exposed to user code. Review the following call stack that might expose a way to circumvent security protection:

I have googled it, and found this question:

what does this security warning mean (.Net Process class)?

I tried to do as the recomended answer, i.e. set my method with:

[PermissionSetAttribute(SecurityAction.LinkDemand, Name="FullTrust")] 

However, I got the following warning:

Microsoft.Security : 'Parser.ParseJeff(string)' is protected with a LinkDemand for 'PermissionSetAttribute'. In the level 2 security rule set, it should be protected by being security critical instead. Remove the LinkDemand and mark 'Parser.ParseJeff(string)' security critical.

What shall I do? What is the meaning of all of it anyway? why is it a security issue? I didn't found microsoft documentation at ths topic helpfull at all.

Answer 1

replace

[PermissionSetAttribute(SecurityAction.LinkDemand, Name="FullTrust")] 

with

[SecurityCritical]

The SecurityCriticalAttribute is equivalent to a link demand for full trust. A type or member marked with the SecurityCriticalAttribute can be called only by fully trusted code; it does not have to demand specific permissions. It cannot be called by partially trusted code.

Answer 2

You can also use [PermissionSetAttribute(SecurityAction.Demand, Name="FullTrust")].