|
. NET Framework Security Authors: LaMacchia B. A., Lange S., Lyons M. Published year: 2000 Pages: 26-27/235 |
 |
| for RuBoard |
Base Class Library
Just as languages such as C and VB have standard libraries, the .NET Framework has a standard library. It is often referred to as the base class library, or BCL. While it is possible to write a .NET program without ever using the BCL, it is unlikely that anyone would want to do this.
The BCL divides functionality into different namespaces. The root namespace of the BCL is named System . Related functionality is often grouped together in its own namespace below this, such as System.IO for stream-based I/O. Microsoft-specific functionality is located under the Microsoft root namespace ( Microsoft.Win32.Registry , for example). To use BCL classes from the System.IO namespace, the following line would be required in a C# application:
using System.IO;
Some commonly used namespaces in the BCL are listed in Table 2.1. See the .NET Framework SDK for detailed information on each of these namespaces and associated classes.
Table 2.1. Commonly Used Namespaces in the BCL
| Namespace | Description |
|---|---|
| System | Primary data types, fundamental classes, and basic services |
| System.Collections | Frequently used data types such as lists, queues, and hash tables |
| System.Configuration | Classes to read .NET application configuration files |
| System.Data | Classes to access different types of data sources, such as SQL servers |
| System.Drawing | 2-D graphics APIs and access to GDI+ |
| System.IO | Classes for reading and writing to different types of data streams, such as file streams |
| System.NET | Classes for using common network protocols |
| System.Reflection | Classes for reading type information, creating types, and invoking methods using metadata |
| System.Runtime.Remoting | Classes for creating distributed applications |
| System.Runtime.Serialization | Serialization and deserialization classes using binary or SOAP encoding |
| System.Security | Classes for using code access security |
| System.Security.Cryptography | Classes for using cryptographic services such as encryption and hashing |
| System.Web | Web server and client management classes |
| System.Windows.Forms | Classes for writing GUI-based client applications |
| System.Xml | XML processing using XML standards such as XML 1.0, XPath, XSLT, and DOM levels |
| for RuBoard |
| for RuBoard |
Native Code Interoperability
Although the .NET Framework comes with a rich set of functionality, a tremendous amount of legacy code still exists. Organizations have spent millions and millions of dollars to create applications, libraries, and COM components . Rather than trying to force everyone to start from scratch, the .NET Framework was designed from the beginning to offer interoperability with existing native code.
Native code interoperability comes in two basic flavors in the runtime ”COM component interoperability (known as COM interop) and calling methods in native DLLs (known as Platform Invoke, or PInvoke). COM interop enables classic COM objects to be treated just like managed objects. Since classic COM objects already have some level of metadata information through IDL definitions, the translation to using them in managed code is rather transparent. Also, managed types can be treated as classic COM objects, making COM interoperability a two-way street. The most difficult challenge with COM interop is to properly marshal data between managed and native environments. The same difficulty in marshaling data is also true for PInvoke calls. However, in both cases, many types are automatically marshaled by the .NET Framework.
One serious problem with native code interoperability is that it is not possible to apply the same security rules to native code that can be applied to managed code. Type safety cannot be guaranteed with native code, so you can't be certain what will happen when you call a certain method via COM interop or PInvoke. Because of this, only highly trusted managed code should be allowed to call native COM objects or functions via PInvoke.
| for RuBoard |
|
. NET Framework Security Authors: LaMacchia B. A., Lange S., Lyons M. Published year: 2000 Pages: 26-27/235 |
|
Similar books
Similar materials
- IEEE 802.1Q Standard
- Re-creating a Library Item
- Creating Guitar Test Tracks
- Section 25.3. Four Ways Life Is Different on a Domain: Business Enterprise Ultimate
- Understanding Namespaces
- Hour5.Putting Namespaces to Use
- Analyzing Naming Convention Needs
- Context
- Things I Would Have Done Differently
- The Context and InitialContext Objects