Making Permission Requests

for RuBoard

Making Permission Requests

Chapter 25 showed how to use permission requests in the "Using Declarative Security" section. So, this section will only cover when to use permission requests instead of the technical details of how to do it.

Ideally, you should have a list of permissions that you know your application must have to properly function. If you have the documentation for managed libraries you use, you should be able to gather this information while developing the application. When you have the list of required permissions, you should use it in a minimal permission request. This has two primary benefits. First, it is a statement to users and administrators that your application needs certain permissions to run properly. Second, it gives you a guarantee that if your assembly is running, you were granted all permissions in your minimal set.

When determining the minimal permissions your application will need, remember to take APTCA into account. If you plan to use any assemblies that are not marked with APTCA, your minimal permission request should be for full trust (that is, an unrestricted permission set). This is because without full trust, your application will throw a SecurityException at the point when you first access the non-APTCA assembly.

In addition to minimal permission requests, you can make optional and refuse requests. Optional requests state that your application could use a given request, but it is not necessary for your application to function. Refuse requests state that you never want to be granted a permission, regardless of a given security policy setting.

You can use refuse requests to limit the liability of your application. For example, if you plan on writing an application on the .NET Framework that just displays stock quotes, you could use a refuse request to make sure that it cannot write to the file system. No matter when you did in that application, any direct attempt to open a file to write data would cause a SecurityException .

for RuBoard


. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net