Summary

for RuBoard

This chapter covered several issues to consider when writing a semi-trusted application. These topics include the following:

  • Restrictions on libraries that can be called ” APTCA and permission requirements limit what library code your application can use.

  • Making permission requests ” Assembly permission requests can help determine what permissions are granted to your code. In addition, they can give information about security requirements of your assembly to users and administrators.

  • Protecting data ” When dealing with data in your application, you need to consider how it is handled when persisted to disk, when stored in memory, and when sent over the network.

  • Being careful about what code gets executed ” There are many different implementation details of writing .NET Framework applications that can have security implications. Security needs to be considered throughout the whole software design and implementation process.

  • Being aware of permissions at runtime ” Applications should be prepared to deal with SecurityException s and plan on being granted different permissions at different times.

TIP

There is a tool from Microsoft called FxCop that can help you automatically search for known security issues in your .NET Framework applications. It also has many other checks for design guidelines, such as naming conventions. You can find this tool at http://www.gotdotnet.com/team/libraries/. Note that FxCop is by no means a substitute for proactively thinking about security through all parts of building .NET Framework applications.


for RuBoard


. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net