O'Reilly logo

Improving Web Application Security: Threats and Countermeasures by Microsoft Corporation

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Link Demands

A link demand differs from a regular permission demand in that the run-time demands permissions only from the immediate caller and does not perform a full stack walk. Link demands are performed at JIT compilation time and can only be specified declaratively.

Carefully consider before using a link demand because it is easy to introduce security vulnerabilities if you use them. If you do use link demands, consider the following issues:

  • Luring attacks

  • Performance and link demands

  • Calling methods with link demands

  • Mixing class and method level link demands

  • Interfaces and link demands

  • Structures and link demands

  • Virtual methods and link demands

Luring Attacks

If you protect code with a link demand, it is vulnerable to luring attacks, where malicious ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required