Privileged Code


When you design and build secure assemblies, you must be able to identify privileged code. This has important implications for code access security. Privileged code is managed code that accesses secured resources or performs other security-sensitive operations, such as calling unmanaged code, using serialization, or using reflection. Privileged code is privileged because code access security must grant it specific permissions before it can function.

Privileged Resources

Privileged resources for which your code requires specific code access security permissions are shown in Table 8.1.

Table 8.1: Secure Resources and Associated Permissions

| Secure Resource | Requires Permission |
| --- | --- |
| Data access | SqlClientPermission, OleDbPermission, OraclePermission |
| Directory services | DirectoryServicesPermission |
| DNS databases | DnsPermission |
| Event log | EventLogPermission |
| Environment variables | EnvironmentPermission |
| File system | FileIOPermission |
| Isolated storage | IsolatedStoragePermission |
| Message queues | MessageQueuePermission |
| Performance counters | PerformanceCounterPermission |
| Printers | PrinterPermission |
| Registry | RegistryPermission |
| Sockets | SocketPermission |
| Web services (and other HTTP Internet resources) | WebPermission |

Note: The ADO.NET OLE DB and Oracle-managed providers currently require full trust.

Privileged Operations

Privileged operations are shown in Table 8.2, together with the associated permissions that calling code requires.

Table 8.2: Privileged Operations and Associated Permissions

| Operation | Requires Permission |
| --- | --- |
| Creating and controlling application domains | SecurityPermission with SecurityPermissionFlag.ControlAppDomain |
| Specifying policy application domains | SecurityPermission with SecurityPermissionFlag.ControlDomainPolicy |
| Asserting security permissions | SecurityPermission with SecurityPermissionFlag.Assertion |
| Creating and manipulating evidence | SecurityPermission with SecurityPermissionFlag.ControlEvidence |
| Creating and manipulating principal objects | SecurityPermission with SecurityPermissionFlag.ControlPrincipal |
| Configuring types and channels remoting | SecurityPermission with SecurityPermissionFlag.RemotingConfiguration |
| Manipulating security policy | SecurityPermission with SecurityPermissionFlag.ControlPolicy |
| Serialization | SecurityPermission with SecurityPermissionFlag.SerializationFormatter |
| Threading operations | SecurityPermission with SecurityPermissionFlag.ControlThread |
| Reflection | ReflectionPermission |
| Calling unmanaged code | SecurityPermission with SecurityPermissionFlag.UnmanagedCode |
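
To see which rows of Tables 8.1 and 8.2 a given grant actually covers, the following added example (not code from the book) demands a selection of the listed permissions from inside a partial-trust application domain and reports each outcome. It assumes .NET Framework 4.x, where code access security and the simple sandboxing overload of AppDomain.CreateDomain are available; the names Probe and Program and the sandbox grant are constructed for illustration.

```csharp
// Added example. Assumes .NET Framework 4.x; Probe and Program are hypothetical names.
using System;
using System.Collections.Generic;
using System.Security;
using System.Security.Permissions;
using System.Text;
public class Probe : MarshalByRefObject
{
    // Demand each permission from inside the sandbox and record the outcome.
    public string Report()
    {
        // Selected rows of Tables 8.1 and 8.2, each in its unrestricted form.
        var rows = new Dictionary<string, IPermission>
        {
            { "Environment variables", new EnvironmentPermission(PermissionState.Unrestricted) },
            { "File system", new FileIOPermission(PermissionState.Unrestricted) },
            { "Registry", new RegistryPermission(PermissionState.Unrestricted) },
            { "Reflection", new ReflectionPermission(PermissionState.Unrestricted) },
            { "Serialization", new SecurityPermission(SecurityPermissionFlag.SerializationFormatter) },
            { "Calling unmanaged code", new SecurityPermission(SecurityPermissionFlag.UnmanagedCode) },
        };
        var report = new StringBuilder();
        foreach (KeyValuePair<string, IPermission> row in rows)
        {
            string outcome = "granted";
            // Demand walks the call stack and throws if any caller lacks the permission.
            try { row.Value.Demand(); }
            catch (SecurityException) { outcome = "denied"; }
            report.AppendLine(row.Key + " (" + row.Value.GetType().Name + "): " + outcome);
        }
        return report.ToString();
    }
}
public static class Program
{
    public static void Main()
    {
        // Constructed partial-trust grant: run code and read environment variables, nothing else.
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        grant.AddPermission(new EnvironmentPermission(PermissionState.Unrestricted));
        var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
        AppDomain sandbox = AppDomain.CreateDomain("sandbox", null, setup, grant);
        var probe = (Probe)sandbox.CreateInstanceAndUnwrap(typeof(Probe).Assembly.FullName, typeof(Probe).FullName);
        Console.Write(probe.Report());
        AppDomain.Unload(sandbox);
    }
}
```

Any row reported as denied marks an operation that is privileged relative to this grant: code that performs it needs the permission added to its grant before it can function.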




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
