Being Aware of Permissions at Runtime

Previous page
Table of content
Next page
for RuBoard

There is quite a bit of code you can write that shouldn't need to directly deal with Code Access Security. However, there are some cases where your application should be aware of what might be happening with regards to Code Access Security. First, if your application is designed to behave differently depending on what permissions it was granted, you can use the SecurityManager.IsGranted method to easily check for certain granted permissions without needing to perform a stack walk. Second, if your application is working with protected resources, you need to plan what should happen if a SecurityException is thrown.

Using SecurityManager.IsGranted

If you have designed your application to work differently depending on what permissions it was granted, you probably used an optional assembly permission request to state what permissions your assembly would like to use. However, optional permission requests can't tell you which permissions your assembly was actually granted. You could simply demand permissions to see what you were granted, but this doesn't limit the check to the one specific assembly. The System.Security.SecurityManager class has a method named IsGranted that will return true or false to tell you if your calling assembly was granted a specific permission.

If you really want to check all the callers on the stack, you can always put a permission demand inside a try block and catch any SecurityException s that occur.

Remember, a stack walk is a heavyweight mechanism that can truly enforce security. SecurityManager.IsGranted is lightweight in comparison, but it is not suitable for enforcing security.

Dealing with SecurityException s

Your application should be aware of when SecurityException s can be thrown. Whenever you access a protected resource, there is a possibility that a demand will fail. In such a case, if you do not catch the SecurityException yourself, it will bubble up to a higher level. If your caller doesn't catch the exception, the application's process will get taken down or a user will get a dialog box saying your application performed some invalid action. To avoid this situation, it is best to be conservative and set exception handlers at high level points in your application, such as the Main method for single-threaded applications.

for RuBoard

Previous page
Table of content
Next page
. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235
Authors: Brian A. LaMacchia, Sebastian Lange, Matthew Lyons, Rudi Martin, Kevin T. Price
BUY ON AMAZON
Crystal Reports 9 on Oracle (Database Professionals)
Interprocess Communications in Linux: The Nooks and Crannies
Metrics and Models in Software Quality Engineering (2nd Edition)
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
Introduction to 80x86 Assembly Language and Computer Architecture
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy