imagine the following environment: an XBAP application running in partial trust mode (the default behavior requiring Full Trust is not an option, but before you ask if full trust is provided by XBAP, everything works as expected ) refers to a locally installed assembly that located in the GAC. To do this, we enable the " AllowPartiallyTrustedCallers" parameter for local assembly, and full trust is also provided. (imagine this is a kind of local connection)
(by the way, we know about the security aspects of using the AllowPartiallyTrustedCallers attribute, this is beyond the scope of this article, but anyway)
Now, even if our local GAC assembly has full trust (we can verify this by calling it Assembly.GetExecutingAssembly().IsFullyTrustedat any time), it will not fulfill any requirements (implicit or explicit), since it is called by a partially trusted subscriber (our XBAP). (correct me if I donβt understand something). Fortunno, we can make explicit statements to get permissions inside our local GAC assembly, for example:
new System.Security.Permissions.FileIOPermission(.....).Assert();
Thus, we could prevent the stack from loading completely according to the requirements right now and make any access to the files as necessary. (again, please correct me ...)
It really works great! (in this case)
, IO, , , ( , , -, , - , ), , , , GAC. ( , , , , )
:
, , (PermissionSet) . , , - - - , , - , , - , .
-, ttribute
[System.Security.Permissions.PermissionSet(
System.Security.Permissions.SecurityAction.Assert, Name = "FullTrust")]
.
-, , AppDomain, GAC AppDomains - appdomain - - ), , ... AppDomain , "MyComputer". SecurityPermission. AppDomain.
-, caspol . (- )
, , , , .
: , , ?
Advance