All geek questions in one place

In what scenarios will a SecurityException be implemented in .NET?

A short answer has already been given. I am looking for a long answer. Sub questions:

  • Will an application of full trust ever throw a SecurityException? If so, in what circumstances?
  • What are CRL Security Settings, where are they, and how much do I need to worry about them?
  • It is pointless to catch an ArgumentException, for example. int.Parse("25") . When can I be sure that a SecurityException will never be thrown?
+4
source share
2 answers

For a complete answer, I recommend loading the rotor of the shared source and looking for the places where the SecurityException is SecurityException .

The site is loaded here: http://www.microsoft.com/downloads/en/details.aspx?FamilyId=8C09FD61-3F26-4555-AE17-3121B4F51D4D&displaylang=en

And some examples:

  • HttpWebRequest.CheckResubmit if Demand() on WebPermission fails
  • BaseConfigurationRecord.CheckPermissionAllowed if Demand() for a ConfigurationPermission(PermissionState.Unrestrictred) fails in certain circumstances

(there are many more)

...

+2
source

This is not an exhaustive answer, but an application with full ASP.net trust will throw a SecurityException if NTFS permissions on the files that make up the web application do not allow access to the set of identifiers against the application pool, in which the web application works at the bottom. You get a very confusing exception, similar to the fact that the application does not have full trust, even if it is. You simply cannot guarantee that a security exception will never be thrown because it depends on the environment and not on the code you can write. for example the same code on two different servers, you can throw a SecurityException, but the other cannot.

0
source

Source: https://habr.com/ru/post/1346930/

More articles:


All Articles