Code Access Security
Another runtime service provided by the CLR is Code Access Security (CAS), which is tightly coupled to the call stack just like exceptions. At the time the CLR was designed, the Internet had become a popular means of distributing software. Unfortunately, this model also came with lots of security concerns; numerous security breaches were known to be caused by blindly executing malicious code that was downloaded from the Internet. This urgently demanded new ways to prevent malicious code from running, and that’s what CAS is all about.
Up until the point the CLR was introduced, authentication and authorization mechanisms were tied to the concept of users and groups. For instance, a user authenticated to the system by providing ...
Get C# 4.0 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
