for RuBoard |
By Sebastian Lange
IN THIS CHAPTER
Before Making Any Security Policy Change: Administration Strategies
The Security Object Model of the .NET Framework
Increasing Trust for an Assembly or Software Publisher Using the Trust Assembly Wizard
Changing Trust for a Zone Using the Adjust Security Wizard
Manipulating the Security Policy Tree Directly ”Basic Techniques
Testing Security Policy Using the Evaluate Assembly Wizard
Modeling Policy Changes Using Open and New
Deploying Security Policy
Resetting Security Policy
The .NET Framework Configuration Tool's Self Protection Mechanism
Administrative Tactics: Scenarios, Solutions, Hints, and Tricks
Security administration can be a fine art. Without the appropriate administrative tools, changes to security policy can be error prone and can introduce security holes. Consequently, the .NET Framework ships with a rich graphical administration tool ”the .NET Framework Configuration tool. Most security administration tasks can easily be accomplished by using this tool. It will be your main aid in undertaking security policy changes as well as in analyzing the current state of security policy.
As you will have learned from previous sections of this book, the .NET Framework ships with a very expressive security model. It allows for incredible fine tuning as to which piece of code may or may not access a particular resource, such as the file system. This richness gives administrators the power to tailor security policy exactly to their needs, but also brings with it the responsibility to learn the ins and outs of the administrative tool and the security model underlying it.
In this chapter, you will find both an introduction to the features of the .NET Framework Configuration tool and general hints and tips concerning the security administration of the .NET Framework.
NOTE
From this point the .NET Framework Configuration tool will simply be referred to as "the tool". References to other tools will be made explicit.
The following are some of the key points of this chapter:
Security administration strategies and hints
Introduction to the basic operation of the tool
Introduction to the security administration wizards
Basics of directly manipulating the security policy tree
Hints and tricks concerning user , machine, or enterprise level security policy administration
How to model and try out policy changes without affecting your machine's own security policy
How to test security policy changes
NOTE
To fully understand this chapter, you should have a good grasp of the security model. In particular, you may want to review Chapter 8, "Membership Conditions, Code Groups, and Policy Levels: The Brick and Mortar of Security Policy," which introduces the concepts of membership conditions, code groups, and policy levels.
for RuBoard |