Home   Cover Cover Cover Cover
 

Code-based security

Question: The security policy under .NET is defined on four levels: the enterprise level, the machine level, the user level and the application domain level. Assume that all assemblies have full rights (that is, their permission set is FullTrust) on the enterprise, the user, and the application domain level. The security policy on the machine level is defined as follows: see book
What rights does an assembly MSApp get, which comes from Microsoft, is signed and was loaded from http://dotnet.jku.at/apps ? To which code groups does it belong on the machine level?

Answer: see 3.8.1 Code-based Security, Determining the Rights of an Assembly

Assembly MSApp belongs to the code groups:

  • all code
  • Zone: Internet
  • Publisher: Microsoft
  • URL: http://dotnet.jku.at/*
... and thus receives the rights for the permission sets:
  • Nothing
  • Internet
  • Microsoft
  • SSW