Chapter 6. Permissions: The Workhorse of Code Access Security

By Matthew Lyons

IN THIS CHAPTER

So far we have covered the difference between user identity and code identity, and we have examined in detail how code identity is constructed using evidence. Identity by itself isn't enough, though. The only thing that evidence provides is authentication—a way to ensure that we have identified a piece of code. What we are still missing is a set of privileges and an authorization mechanism to map identities to those privileges. This chapter will cover the privileges, or permissions, in .NET terminology.

Roughly speaking, a permission is ...

Get .NET Framework Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.