Summary
So what have we learned?
First, security is a fundamental concept, not a bolt-on module of code. A basic understanding of security is required of everyone working on a project, not just a security team; otherwise, security holes will result. If code is to be granted trust by a system administrator, it must earn that trust by not compromising system security.
Second, the runtime security is in addition to, not an alternative to, operating system security.
Finally, the runtime provides a rich set of resource access methods with prepackaged security checks, plus the ability to add more checks and even create new types of checking. None of this automates the security process, however, or absolves the developer from the need to understand ...
Get .NET Framework Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
