Code Access Security - Basics and Example

Posted by jobless-spt on Stack Overflow See other posts from Stack Overflow or by jobless-spt
Published on 2010-03-08T16:49:11Z Indexed on 2010/03/08 16:51 UTC
Read the original article Hit count: 531

Filed under:
|
|
|

I was going through this link to understand CodeAccessSecurity: http://www.codeproject.com/KB/security/UB_CAS_NET.aspx

It's a great article but it left me with following questions:

  1. If you can demand and get whatever permissions you want, then any executable can get Full_Trust on machine. If permissions are already there, then why do we need to demand those?

  2. Code is executing on Server, so the permissions are on server not on client machine?

  3. Article takes an example of removing write permissions from an assembly to show security exception. Though in real world, System.IO assembly (or related classes) will take care of these permissions. So is there a real scenario where we will need CAS?

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about c#