Code Access Security in .NET 2.0
page 3 of 7
by Uday Denduluri
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 29984/ 52


In the previous sections we understood that before the code executes it can ask the runtime for the permission to execute. The permission for an assembly is given by placing attributes. Placing attributes and asking permissions is known as declarative syntax. (It should be noted that it is not mandatory for the code to ask for the permission.)

Let us understand this with the help of an example. If we have an application that reads and writes to the local hard disk then the application must have FileIOPermission. If the code does not request FileIOPermission and the local security settings do not allow your application to have this permission, a security exception is raised when the application attempts to write to the disk. There are 2 things that need to be understood here.

·         The local system security does not allow the application to do anything on the disk.

·         The Application does not request for the FileIOPermission.

On a different scenario, if the application requests FileIOPermission and the local security settings does not permit the application to have FileIOPermission, the application will generate the exception. But in this case, we can programmer can ensure that user will not loose any data.

Different Types of permissions

We have different types of permission sets. Let us see some of them in detail.

1.    Minimum permissions (RequestMinimum) - Permissions for the code have to run.

2.    Optional permissions (RequestOptional) - Permissions for the code that can be bypassed to run without them.

3.    Refused permissions (RequestRefuse) - Permissions that you want to ensure will never be granted to your code, even if security policy allows them to be granted.

Listing 1 shown below is the code written in C# that explains the request for permission from an assembly using attributes.

Listing 1

[assembly:PermissionSetAttribute(SecurityAction.RequestMinimum, Name = "FullTrust")] 

View Entire Article

User Comments

Title: Code Access Security in .NET 2.0   
Name: Developer
Date: 2008-01-09 4:36:06 PM
Really good one....
Title: Code Access Security in .NET 2.0   
Name: Shakeer....
Date: 2007-06-01 12:50:07 AM

Good one...........

Product Spotlight
Product Spotlight 

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2024  |  Page Processed at 2024-04-22 3:54:49 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search