O'Reilly logo

.NET Framework Security by Kevin T. Price, Rudi Martin, Matthew Lyons, Sebastian Lange, Brian A. LaMacchia

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Limitations of the .NET Framework Security System

While the .NET Framework offers a very flexible environment in which to secure your code and takes every opportunity to make such implementations as simple and foolproof as possible, it will not do all of your work for you. The designers and implementers of code must be aware of the security subsystem's limitations.

For instance, the security system cannot divine the intent of code. It doesn't know “good” code from “bad” code. It merely knows how to take a set of administrator-supplied rules (policy), apply it to known facts about an assembly (evidence), and generate the set of permissions that describe the level of trust now assigned to that assembly (the grant set). Demands are applied mechanically ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required