When attempting to run an ASP.NET MVC application which uses Castle Windsor, the following error occurs.

Server Error in '/' Application.

Inheritance security rules violated while overriding member: 'Castle.MicroKernel.DefaultKernel.InitializeLifetimeService()'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.TypeLoadException: Inheritance security rules violated while overriding member: 'Castle.MicroKernel.DefaultKernel.InitializeLifetimeService()'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[TypeLoadException: Inheritance security rules violated while overriding member: 'Castle.MicroKernel.DefaultKernel.InitializeLifetimeService()'. Security accessibility of the overriding method must match the security accessibility of the method being overriden.]
Castle.Windsor.WindsorContainer..ctor() +0

The assemblies Castle.Core.dll and Castle.Windsor.dll have been built off the source code available on github. The source code for the assemblies includes the file SecurityAssemblyInfo.cs which has the following source code:

// Sets up assembly level security settings
#if ! SILVERLIGHT
[assembly: System.Security.AllowPartiallyTrustedCallers]
#if DOTNET40
[assembly: System.Security.SecurityRules(System.Security.SecurityRuleSet.Level2)]
#endif
#endif

I have verified using ILSpy that the System.Security.AllowPartiallyTrustedCallers attribute is declared at the assembly on both files.

The web application is being run with <trust level="Medium" />.

I have been able to get a successful build + run of my mvc application by making the following changes to Castle.Core:

SecurityAssemblyInfo.cs:

Changed to only the following:

[assembly: System.Security.AllowPartiallyTrustedCallers] [assembly: System.Security.SecurityRules(System.Security.SecurityRuleSet.Level1)]

ProxyGenerator.cs:

Changed three lines in ProxyGenerator::ProxyGenerator(IProxyBuilder):

if (HasSecurityPermission())
{
    Logger = new TraceLogger("Castle.DynamicProxy", LoggerLevel.Warn);
}

becomes:

// if (HasSecurityPermission())
// {
//    Logger = new TraceLogger("Castle.DynamicProxy", LoggerLevel.Warn);
// }

I have no idea what sort of consequences these might have. It would be nice if someone familiar with the SecurityRuleSets could chime in on the first part, and @Krzysztof Koźmic could advise me on why I had to comment out the trace logger.