Code that calls unmanaged Win32 APIs or COM components requires the unmanaged code permission. This should only be granted to highly trusted code. It is defined by the SecurityPermission type with its Flags property set to SecurityPermissionFlag.UnmanagedCode.
The following guidelines for calling unmanaged code build upon those introduced in Chapter 7.
Use naming conventions to indicate risk.
Request the unmanaged code permission.
Sandbox unmanaged API calls.
Use SupressUnmanagedCodeSecurityAttribute with caution.
Categorize your unmanaged code and prefix the types used to encapsulate the unmanaged APIs by using the following naming convention.
Safe. This identifies code that poses no possible security ...