Code-based security
Question: The security policy under .NET is defined on four levels:
the enterprise level, the machine level, the user level and the application
domain level. Assume that all assemblies have full rights (that is, their
permission set is FullTrust ) on the enterprise, the user, and
the application domain level. The security policy on the machine level is
defined as follows: see book
What rights does an assembly MSApp get, which comes from
Microsoft, is signed and was loaded from http://dotnet.jku.at/apps ?
To which code groups does it belong on the machine level?
Answer: see 3.8.1 Code-based Security, Determining the Rights of an Assembly
Assembly MSApp belongs to the code groups:
- all code
- Zone: Internet
- Publisher: Microsoft
- URL: http://dotnet.jku.at/*
... and thus receives the rights for the permission sets:
- Nothing
- Internet
- Microsoft
- SSW
|