ITEC102PART2 Flashcards
Objects that represent specific authorizations
Permissions
Determines what code is permitted to do:
set of permissions to grant to an assembly
Policy
Inputs to policy about code, from multiple sources
Evidence
object represents a specific authorization, such as access to a resource
“permission to do something”
Permission
is an authorization given to an assembly (code)
“this code is authorized to do something”
Grant
is a security check for corresponding grants
“is something allowed?” (else, raise exception)
Demand
Permissions for Framework resources
• These permissions represent access to protected resources.
Standard .NET permissions
These permissions represent code identity. They are granted to code based on its corresponding evidence.
Identity permissions
A user identity permission is also supported. this is the only non-code access permission in the framework
Other permission
Most permissions are code access permissions ( true/ false )
True
Demanding a permission performs a _____ ______ checking for related grants of all callers
Stack walk
Modifiers provide fine-grained, dynamic control over state of grants on the stack
Stack Walk Modifiers
“I vouch for my callers; checks for perm can stop at this frame”
■ Example: “Gatekeeper” classes
Assertion
appropriate permission from caller
Demand
permission to call unmanaged code
Make the unmanaged call
Assert