April 2002
Intermediate to advanced
816 pages
20h 56m
English
book
.NET Framework Security
by Brian A. LaMacchia, Sebastian Lange, Matthew Lyons, Rudi Martin, Kevin T. Price
Content preview from .NET Framework SecurityBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Code Access Security
Code Access Security (CAS) is the foundation of security in the .NET Framework. It is a key part of this book, but the following description will only cover CAS at a high level.
CAS is based on the assumption that different code should have different levels of trust. For instance, code loaded from some random place on the Internet should probably be less trusted than an application you install on your computer. Code with more trust should be allowed to do more on your computer. For instance, perhaps you want the installed application to be able to read your personal data. However, you almost certainly don't want all code from the Internet to be able to do that.
One problem with a scheme of differing trust levels is its susceptibility ...