IStackWalk

IStackWalk

System.Security (mscorlib.dll)interface
public interface IStackWalk { // Public Instance Methods    public void Assert(  );    public void Demand(  );    public void Deny(  );    public void PermitOnly(  ); }

Permission classes that use stack walks to resolve security demands implement the IStackWalk interface. These include the PermissionSet class, as well as the CodeAccessPermission class, from which all standard code-access and identity permissions inherit.

IStackWalk defines the Demand( ) method, which duplicates the method of the same name defined in the IPermission interface. However, the IStackWalk.Demand( ) method initiates a stack-walk-based security demand, whereas IPermission.Demand( ) is not intended to use the call stack to resolve security demands. The Assert( ), Deny( ), and PermitOnly( ) methods annotate the call stack frame of the code from which they are executed, and affect the stack walk process initiated by a Demand( ) call.

Assert( ) allows code to vouch for the permissions of the callers above it on the call stack. During a stack walk, if a demanded permission matches, or is a subset of, the asserted permission, the stack walk terminates successfully without evaluating further stack frames. If the asserted permissions provide only a partial match of those demanded, the stack walk continues but only for the remaining unasserted permissions. Code must have been granted a permission in order to assert it, and the code must have the permission to assert defined by the System.Security.Permissions.SecurityPermission class.

Deny( ) has the opposite effect of Assert( ). If the demanded permission matches, or is a subset of the denied permission, the stack walk is terminated, and the runtime throws a SecurityException to the code that initiated the Demand( ).

PermitOnly( ) functions as an inverted Deny( ). Instead of specifying the permissions that should terminate a stack walk, PermitOnly( ) specifies those permissions that permit the stack walk to continue unaffected. PermitOnly( ) provides a more concise way of denying large sets of permissions without the need to specify them all in a Deny( ) override.

Implemented By

CodeAccessPermission, PermissionSet



Programming. NET Security
Programming .Net Security
ISBN: 0596004427
EAN: 2147483647
Year: 2005
Pages: 346

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net