Declarative Security Metadata

The declarative security metadata resides in the metadata table DeclSecurity. A record in this table has the three entries described in the following list.

  • Action (2-byte unsigned integer)  The security action code.

  • Parent (coded token of type HasDeclSecurity)  The index to the Assembly, TypeDef, or Method metadata table, indicating the metadata item with which the DeclSecurity record is associated.

  • PermissionSet (offset in the #Blob stream)  Encoded representation of the permission set associated with a specific security action and a specific metadata item.

The following security action codes and their respective ILAsm keywords are defined for the security actions listed in the “Declarative Actions” section of this chapter and for special-purpose security actions:

  • Request: code 0x0001, ILAsm keyword request.

  • Demand: code 0x0002, ILAsm keyword demand.

  • Assert: code 0x0003, ILAsm keyword assert.

  • Deny: code 0x0004, ILAsm keyword deny.

  • Permit Only: code 0x0005, ILAsm keyword permitonly.

  • Link Demand: code 0x0006, ILAsm keyword linkcheck.

  • Inheritance Demand: code 0x0007, ILAsm keyword inheritcheck.

  • Request Minimum: code 0x0008, ILAsm keyword reqmin.

  • Request Optional: code 0x0009, ILAsm keyword reqopt.

  • Request Refuse: code 0x000A, ILAsm keyword reqrefuse.

  • Pre-JIT Grant (persisted grant, set at pre-JIT compilation time by the Ngen.exe utility): code 0x000B, ILAsm keyword prejitgrant.

  • Pre-JIT Deny (persisted denial, set at pre-JIT compilation time): code 0x000C, ILAsm keyword prejitdeny. This security action is not supported in the first release of the common language runtime.

  • Non-CAS Demand: code 0x000D, ILAsm keyword noncasdemand. This action is similar to Demand, but the permission classes that make up the permission set must not be derived from System.Security.Permissions.CodeAccessPermission.

  • Non-CAS Link Demand: code 0x000E, ILAsm keyword noncaslinkdemand. This action is similar to Link Demand but has the same limitation as Non-CAS Demand.

  • Non-CAS Inheritance Demand: code 0x000F, ILAsm keyword noncasinheritance. This action is similar to Inheritance Demand but has the same limitation as Non-CAS Demand.

The blob indexed in the PermissionSet entry of the DeclSecurity record contains an encoded representation of the permission set object. In the first release of the common language runtime, the blob contains a Unicode-encoded XML description of the permission set.
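The record layout and blob encoding described above can be decoded as follows when auditing an assembly's declarative security. This is an added example, not code from the book. It assumes 2-byte Parent and PermissionSet columns (small tables and a small #Blob stream) and the ECMA-335 tag values for HasDeclSecurity; the function names and the sample row, heap and XML are constructed for illustration.

```python
import struct

# Action codes and ILAsm keywords exactly as listed on this page.
ACTIONS = {
    0x0001: "request", 0x0002: "demand", 0x0003: "assert", 0x0004: "deny",
    0x0005: "permitonly", 0x0006: "linkcheck", 0x0007: "inheritcheck",
    0x0008: "reqmin", 0x0009: "reqopt", 0x000A: "reqrefuse",
    0x000B: "prejitgrant", 0x000C: "prejitdeny", 0x000D: "noncasdemand",
    0x000E: "noncaslinkdemand", 0x000F: "noncasinheritance",
}
# HasDeclSecurity coded token: the low 2 bits pick the table (ECMA-335 tag
# values, an assumption not stated on this page); the rest is the row index.
PARENT_TABLES = {0: "TypeDef", 1: "Method", 2: "Assembly"}


def read_blob(heap: bytes, offset: int) -> bytes:
    """Return the #Blob entry at offset; entries carry a compressed length prefix."""
    b0 = heap[offset]
    if b0 & 0x80 == 0x00:            # 1-byte length
        size, hdr = b0, 1
    elif b0 & 0xC0 == 0x80:          # 2-byte length
        size, hdr = int.from_bytes(heap[offset:offset + 2], "big") & 0x3FFF, 2
    elif b0 & 0xE0 == 0xC0:          # 4-byte length
        size, hdr = int.from_bytes(heap[offset:offset + 4], "big") & 0x1FFFFFFF, 4
    else:
        raise ValueError("invalid compressed length prefix")
    data = heap[offset + hdr:offset + hdr + size]
    if len(data) != size:
        raise ValueError("blob runs past the end of the #Blob stream")
    return data


def decode_decl_security(row: bytes, blob_heap: bytes) -> dict:
    """Decode one DeclSecurity row: Action, Parent, PermissionSet (2 bytes each)."""
    action, parent, blob_offset = struct.unpack("<HHH", row)
    tag, rid = parent & 0x3, parent >> 2
    if tag not in PARENT_TABLES:
        raise ValueError(f"bad HasDeclSecurity tag {tag}")
    xml = read_blob(blob_heap, blob_offset).decode("utf-16-le")
    return {"action": ACTIONS.get(action, f"unknown(0x{action:04X})"),
            "parent": (PARENT_TABLES[tag], rid), "permission_set": xml}


# Constructed sample: a Demand on Method row 5 with a minimal permission set.
SAMPLE_XML = '<PermissionSet class="System.Security.PermissionSet" version="1"/>'
SAMPLE_DATA = SAMPLE_XML.encode("utf-16-le")   # over 127 bytes, so 2-byte prefix
SAMPLE_HEAP = (b"\x00" + bytes([0x80 | (len(SAMPLE_DATA) >> 8),
                                len(SAMPLE_DATA) & 0xFF]) + SAMPLE_DATA)
SAMPLE_ROW = struct.pack("<HHH", 0x0002, (5 << 2) | 1, 1)
```

Calling decode_decl_security(SAMPLE_ROW, SAMPLE_HEAP) yields the keyword, the parent table with its row index, and the permission set XML. Reading a real assembly requires taking the column widths from the metadata table header instead of assuming 2 bytes.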



Inside Microsoft .NET IL Assembler
ISBN: 0735615470
EAN: 2147483647
Year: 2005
Pages: 147
Authors: SERGE LIDIN
