Code Access Security best practice
From: Graham (grahamREMOVE_at_MEmainlineconsultants.com)
Date: 06/29/04
- Previous message: Danny van Kasteel: "Ho do I present custom evidence of authentication to a server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Jun 2004 16:04:52 +0100
Hi
I have just started using FXCop which has informed me that I should be
specifying permission requests for each assembly. I am new to code
access security so I have had a good read around and think I am starting
to understand. I have three assemblies in the app - the GUI, business
objects and a data access dll that reads and writes to xml files on the
local machine. As far as I can tell I only need FileIO permissions for
the data access dll. A few questions:
* do I need to grant the calling assemblies the FileIO permission as
well or is there a way to tell the data access dll to trust my business
objects and just deal with the permission in the one assembly.
*As I don't know the path how can I restrict the FileIO scope and still
get my assembly through FXCop which presumably enforces the rule for
reasons of best practice. Ideally I would like to do something like:
[assembly:FileIOPermissionAttribute
(SecurityAction.RequestMinimum, All="C:\\my unknown path")]
[assembly:PermissionSet
(SecurityAction.RequestOptional,Unrestricted=false)]
...in the AssemblyInfo file which would grant the assembly the right
permissions and prevent all others. If I omit these attributes and set
the permissions in the constructors of the relevant classes (where I can
retrieve the correct path) FXCop gets upset. Should I ignore it and go
with this approach?
Thanks in advance
Graham
- Previous message: Danny van Kasteel: "Ho do I present custom evidence of authentication to a server?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
