Desaware Home
Products    Purchase    Publishing    Articles   Support    Company    Contact    

Company
Contact Us
Background
Customers
News
Newsletter
In The News
Press Kit
User Groups
Careers
Privacy Policy

 

 

bluebar
Contact Desaware and order today

bluebar
Sign up for Desaware's Newsletter for the latest news and tech tips.

Desaware In The News

Testing Code Access Security

.NET Developers Journal, October 7, 2003
by Dan Appleman

Article Excerpt:
"Developing with Security
Now turn this around and look at it from the developer's perspective.

When developing COM or API-based applications, you knew that once your software was installed on a system, it had access to the full resources of that system. Yes, you may have had to worry about security with regard to the account running the software, but only some system resources were protected in that manner.

But with .NET, this changes. It is very possible that the system on which your software is running will restrict what your program can do. When a program is restricted in this manner it is said to be running in partial trust. Nowadays most .NET applications require full trust to run. This means that they either have to be installed on the local system, or the local system must set its policy to allow that application to run. But this is a limited solution, as most clients won't want to change their policies (and may not know how to do so). And if they do, they will want to grant the minimum rights required for your program to run - not full trust (because not only does full trust grant your program the right to do anything on their system, it potentially allows other programs to use your program maliciously to invade their system if you have flaws in your security programming)."

News
Learn More:
 
Products    Purchase    Articles    Support    Company    Contact
Copyright© 2012 Desaware, Inc. All Rights Reserved.    Privacy Policy