Chapter 6. Permissions: The Workhorse of Code Access Security

for RuBoard

By Matthew Lyons

IN THIS CHAPTER

  • Permissions Explained

  • How Permissions Are Used

  • Declarative and Imperative Security

  • Built-in Permissions

  • Permission Sets

So far we have covered the difference between user identity and code identity, and we have examined in detail how code identity is constructed using evidence. Identity by itself isn't enough, though. The only thing that evidence provides is authentication ”a way to ensure that we have identified a piece of code. What we are still missing is a set of privileges and an authorization mechanism to map identities to those privileges. This chapter will cover the privileges, or permissions, in .NET terminology.

Roughly speaking, a permission is a fine-grained privilege that can be given to .NET code. If the .NET code is not given a certain privilege, it cannot perform an action that requires that privilege. For example, it is considered a privilege for .NET code to write to the file system. If code is not granted a permission for this, trying to write to the file system will generate a security error. No privileges are automatically granted to code.

This chapter will cover the following aspects of permissions:

  • Types of permissions and their corresponding classes

  • How permissions are used for authorization in the .NET Framework

  • The set of permission classes built into the .NET Framework

  • Permission sets and their purpose

for RuBoard


. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net