Static Members

You can access a data type or classes member functions using the dot operator

MyType.staticMethod();

You can access static methods of any type that is defined in the assembly. (Any custom type that has a TypeDef defined and all of the default TypeDefs in the build in libraries)

Security Warning!

Do not expose custom types that have static methods with unexpected security implications. Some classes have static members/methods that can have disastrous security consequences. For example, when creating the built-in libraries for the engine, I included a TypeDef for the UnityEngine.GameObject class. I quickly realized this was a bad idea because I could use the static methods in the GameObject class to "hack" the application in interesting ways! I used GameObject.Find() to find the UI elements in the application and move them around or even use GameObject.Destroy(gameobject) to destroy them.

It would not be good if you expose the ability to find, modify or destroy any GameObject in the app at run-time from code written at run-time!

The GameObject class is a particularly heinous example of insecure classes to expose, but there are countless others. Other examples would be:

• IO.File
• IO.Directory
• UnityEngine.Application the list goes on... there are countless horrible ways to compromise the security of your application.

Before exposing a type to the assembly, make sure to take into account the static members that will be accessible to the ccl when you do. You should treat ccl code as unsafe code, you have no guarantees that what is passed in is not malicious