19 Declarative Security


Many languages that target the CLI use attribute syntax to attach declarative security attributes to items in the metadata. This information is actually converted by the compiler into an XML-based representation that is stored in the metadata (see Partition II, section 21.11). By contrast, ilasm requires the conversion information to be represented in its input.

<securityDecl> ::=

 

.permissionset <secAction> = ( <bytes> )

| .permission <secAction> <typeReference> ( <nameValPairs> )

In .permission, <typeReference> specifies the permission class and <nameValPairs> specifies the settings. See Partition II, section 21.11.

In .permissionset, the bytes specify the serialized version of the security settings:

<secAction> ::=

Description

 

assert

Assert permission so that callers do not need it.

| demand

Demand permission of all callers.

| deny

Deny permission so checks will fail.

| inheritcheck

Demand permission of a subclass.

| linkcheck

Demand permission of caller.

| permitonly

Reduce permissions so check will fail.

| reqopt

Request optional additional permissions.

| reqrefuse

Refuse to be granted these permissions.

| request

Hint that permission may be required.

ANNOTATION

Implementation-Specific (Microsoft): The following security action is Microsoft-specific. A conforming implementation of the CLI may ignore this security action if present in an assembly.

<secAction> ::=

Description

| prejitgrant

Persisted denied set at preJIT time.


<nameValPairs> ::= <nameValPair> [, <nameValPair>]*

<nameValPair> ::= <SQSTRING> = <SQSTRING>



The Common Language Infrastructure Annotated Standard (Microsoft. NET Development Series)
The Common Language Infrastructure Annotated Standard (Microsoft. NET Development Series)
ISBN: N/A
EAN: N/A
Year: 2002
Pages: 121

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net