Summary

for RuBoard

This chapter introduced the various verification and validation checks presupposed by Code Access Security. All assemblies ship in the PE/COFF file format ”the CLR implements a number of checks preventing security exploits through the corruption of the file.

Assemblies also carry metadata that describes the type structure and has information about the identity of an assembly. Metadata is used throughout the CLR infrastructure to successfully execute assemblies. Therefore, the CLR also implements a number of metadata checks that prevent security holes through metadata corruption.

Compilers targeting the .NET Framework translate programming language source code into an object-oriented assembly language called IL.

The CLR tests whether the supposed IL stream is well formed . It also tests whether the IL honors the ways types define access to themselves . Only assemblies having been granted high levels of permissions will be able to execute unverifiable code.

Because the Code Access Security system itself relies on not having type contracts violated, it therefore relies on IL verification.

for RuBoard


. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net