Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Tham khảo tài liệu 'visual c# 2010 recipes solution_5', công nghệ thông tin, kỹ thuật lập trình phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | CHAPTER 11 SECURITY AND CRYPTOGRAPHY Note CAS is deprecated in .NET 4.0. How It Works To minimize the security risks posed by malicious code the runtime does not allow assemblies granted only partial trust to access strongly named assemblies. This restriction dramatically reduces the opportunity for malicious code to attack your system but the reasoning behind such a heavy-handed approach requires some explanation. Assemblies that contain important functionality that is shared between multiple applications are usually strongly named and are often installed in the Global Assembly Cache GAC . This is particularly true of the assemblies that constitute the .NET Framework class library. Other strongly named assemblies from well-known and widely distributed products are in the GAC and accessible to managed applications. The high chance that certain assemblies will be present in the GAC their easy accessibility and their importance to many different applications make strongly named assemblies the most likely target for any type of subversive activity by malicious managed code. Generally the code most likely to be malicious is that which is loaded from remote locations over which you have little or no control such as over the Internet . Under the default security policy of the .NET Framework all code run from the local machine has full trust whereas code loaded from remote locations has only partial trust. Stopping partially trusted code from accessing strongly named assemblies means that partially trusted code has no opportunity to use the features of the assembly for malicious purposes and cannot probe and explore the assembly to find exploitable holes. Of course this theory hinges on the assumption that you correctly administer your security policy. If you simply assign all code full trust not only will any assembly be able to access your strongly named assembly but the code will also be able to access all of the functionality of the .NET Framework and even Win32 or .