Category list

How Actions Are Considered Safe or Unsafe

The .NET code-access security system assigns your application or component permissions such as file-access, user -interface , and network permissions as the basis of determining what safe or unsafe operations your application is allowed to perform. The collective set of permissions assigned to your application is based on the level of trust assigned to your application. Applications installed— including applications installed by the means of a setup program from the Internet—and run on your computer are considered to be highly trusted , so they’re given all available permissions. By contrast, components loaded and run from the Internet are considered highly untrusted and are given few permissions.

The .NET code-access security system uses a sophisticated means of determining what permissions your Microsoft Visual Basic .NET application or component is granted. The location from which the application is run is a major factor in determining what permissions your application is granted. For example, if the chart component is loaded by an application that you run on your local computer, the chart component is given the permission to delete files. However, if the chart component is run directly from the Internet (actually, components or applications run directly from the Internet are first downloaded to a special Internet download cache on your computer and executed), it’s denied the permission to delete files. The location from which an application is run is a piece of evidence the code-access security system uses to determine what permissions to grant the application. Chapter 10 demonstrates how you can supply other types of evidence, such as the name of your application, to the code-access security system so that it will grant your application custom permissions.

Note

Be wary of applications and components you are asked to install and run on your computer (as presented in Chapter 10). These applications typically are accompanied by a dialog box that warns you about running an application you have downloaded from the Internet (or opened in e-mail), and you are given the choice to save the application or execute it. Just because applications or components that run on your computer are highly trusted and considered safe by the .NET code-access security system does not mean that the component will behave as advertised or is somehow verified to not do bad things. If you download and install an application or component from the Internet—including .NET applications and components—the code-access security model is not aware of this fact. The application or component will run with full trust and will be able to perform any action that you can perform on the computer. If you are logged in as the administrator, the component will have free reign over your system. This is why it is important that you log on as a regular user and not as an administrator, as presented in Chapter 11.

What Prevents Harmful Code from Executing?

In the case where an application is executed directly from an untrusted environment such as the Internet, code-access security prevents harmful code from executing by first checking whether the code has permission to perform a particular operation such as deleting files—this is formally known as making a Demand for a particular permission. For example, when the chart component—contained on a Web page— executes a statement such as the Visual Basic .NET Kill statement to delete a file, the Kill statement first demands a permission to delete files, and if the permission is not granted a security exception is thrown and the file is not deleted.

Buy on amazon.com >>

Robinson E., Bond M.J

<< Previous page

Table of contents

Next page >>

Flylib.com

Category list

Similar pages

How Actions Are Considered Safe or Unsafe

How Actions Are Considered Safe or Unsafe

What Prevents Harmful Code from Executing?

Similar products