Security, Managed Code, and the CLR
At its most fundamental level, the security of the entire .NET platform is based on two things: the type safety of managed code and the vigilance of the Common Language Runtime (CLR). Type-safe managed code ensures that bounds checking is performed on all datatypes, including arrays and strings. It also does not permit inappropriate or dangerous type conversions or direct memory manipulations via pointers. In effect, type-safe code can access only memory locations that it is justifiably permitted to access, and those memory locations are accessible only in the intended legitimate manner. For example, type-safe managed code cannot directly access or modify the memory containing an object's fields or a class's ...
Get .NET Security and Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.