Microsoft solution framework - What is
Code-Access security? - Aug 11, 2009 at 19:00 pm by Shuchi Guari
What is Code-Access security?
In normal scenarios, software use
user credentials to execute code on a system. This can be harmful as malicious
code running under the user’s credentials can cause harm to the system without
the knowledge of the user. Alternatively, a security mechanism called
Code-Access security exists, which allows code to be trusted to different
levels depending upon the identity of the code or where it’s called from. This
separates the code from the user’s permissions on a system and allows it to
have its own set of permissions to execute operations on a system. This
approach is much more effective in stopping malicious code to hack or misuse
one’s code and perform operations on the system. One can set a list of actions
the code can be allowed to perform and also a set of actions that the code
should never be allowed to execute.
|
