Limitations of the .NET Framework Security System

While the .NET Framework offers a very flexible environment in which to secure your code and takes every opportunity to make such implementations as simple and foolproof as possible, it will not do all of your work for you. The designers and implementers of code must be aware of the security subsystem's limitations.

For instance, the security system cannot divine the intent of code. It doesn't know “good” code from “bad” code. It merely knows how to take a set of administrator-supplied rules (policy), apply it to known facts about an assembly (evidence), and generate the set of permissions that describe the level of trust now assigned to that assembly (the grant set). Demands are applied mechanically ...
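The mechanical mapping from evidence to grant set described above can be observed directly. The following C# is an added example, not code from the book; it assumes .NET Framework 2.0 to 3.5 (or 4.x with legacy CAS policy enabled through NetFx40_LegacySecurityPolicy), and the URLs, file path and labels are constructed.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;

class GrantSetDemo
{
    // Constructed evidence: the facts the loader would record for an
    // assembly from the given zone and URL. Nothing here describes
    // what the assembly's code actually does.
    static Evidence MakeEvidence(SecurityZone zone, string url)
    {
        Evidence evidence = new Evidence();
        evidence.AddHost(new Zone(zone));
        evidence.AddHost(new Url(url));
        return evidence;
    }

    // Apply the machine's current policy to the evidence and report
    // the resulting grant set.
    static void Report(string label, Evidence evidence)
    {
        PermissionSet grant = SecurityManager.ResolvePolicy(evidence);

        // Is read access to this (constructed) path part of the grant set?
        PermissionSet fileRead = new PermissionSet(PermissionState.None);
        fileRead.AddPermission(new FileIOPermission(
            FileIOPermissionAccess.Read, @"C:\constructed\data.txt"));

        Console.WriteLine("{0}: unrestricted={1}, file read granted={2}",
            label, grant.IsUnrestricted(), fileRead.IsSubsetOf(grant));
    }

    static void Main()
    {
        // Two hypothetical assemblies with different intent but identical
        // evidence: policy sees the same facts and returns the same grant.
        Report("benign download ",
            MakeEvidence(SecurityZone.Internet, "http://example.test/tool.dll"));
        Report("hostile download",
            MakeEvidence(SecurityZone.Internet, "http://example.test/tool.dll"));

        // The same file presented with different evidence is trusted
        // differently, again without any inspection of its behavior.
        Report("local copy      ",
            MakeEvidence(SecurityZone.MyComputer, "file:///C:/constructed/tool.dll"));
    }
}
```

The values printed depend on the policy configured on the machine; the first two lines always match each other because their evidence is identical.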
