The code access security mechanism in the .NET Framework performs these functions:
- Defines permissions representing the right to access various system resources.
- Enables the configuration of security policy for code groups (groups of applications).
- Enables code to request required and useful permissions, and specifies the permissions the code shouldn't have.
- Ensures permissions are granted to each assembly loaded, based on the permissions requested by the code and the operations permitted by security policy.
- Enables code to ensure its host clients have specific permissions or that clients possess a digital signature, identifying a specific site or organization and restricting access to their client applications.
- Restricts code at run time by comparing the granted permissions of every caller on the stack to the permissions required to access the appropriate resources.
|