You create an application by using Microsoft Visual Studio .NET 2008 and the .NET Framework 3.5.
The application includes the following components:
– A Windows Presentation Foundation (WPF) user interface
– A class library that implements business logic
You provide documentation to allow customers to use the class library in custom applications. This class library will throw a custom exception.
This custom exception will include a state that provides security-sensitive information.
You need to design the exception to meet the following requirements:
– The unit tests and the WPF user interface can retrieve security-sensitive information.
– Customer applications cannot retrieve security-sensitive information.
What should you do?
A.
Create a custom code access security permission that can be used to secure your exception type.
B.
Report security-sensitive information in a custom property that has a non-obvious property name.
C.
Report security-sensitive information through an override of the System.Object.ToString method only after verifying the calling application path. If the verification fails, then return a string that does not include the security-sensitive information.
D.
Report security-sensitive information through an override of the System.Object.ToString method only after demanding an appropriate permission. If the permission demand fails, then return a string that does not include the security-sensitive information.