Code Access Security

Hi ppl,
The .NET Framework is based on the concept of distributed applications, in which an application does not necessarily have a single owner.To circumvent the problem of which parts of the application (being assemblies) to trust, code access security is introduced.This is a very powerful way to protect the system from code that can be malicious or just unstable. Remember that it is always active, even if you do not use it in your own code. CAS helps you in:
■ Limiting access permissions of assemblies by applying security policies
■ Protecting the code from obtaining more permissions than the security
policy initially permits
■ Managing and configuring permission sets within security policies to
reflect the specific security needs
■ Granting assemblies specific permissions that they request
■ Enabling assemblies in demanding specific permissions from the caller
■ Using the caller’s identity and credentials to access protected resources
and code

0 comments: