The. NET Framework
Garbage collection
What is garbage collection?
Garbage collection is a mechanism that enables a computer to detect when an object can no longer be accessed. It then automatically frees the memory that is used by the object (while calling a cleanup routine written by the user called "Finalizers"). Some garbage collector, such as the garbage collector used by. NET, compresses the memory, thereby reducing the working set of the program.
Back to Top
How does non-deterministic garbage collection affect code?
For most programmers, owning a garbage collector (and using garbage collection objects) means that even with complex data structures, you don't have to worry about freeing memory or referencing counting objects. However, if you typically release system resources (file handles, locks, and so on) in the same block of code that frees object memory, you do need to make some changes in the encoding style. For garbage collection objects, you should provide a way to free system resources in a way that is controlled by the program, and allow the garbage collector to free up memory when the working set is compressed.
Back to Top
Can you avoid using a garbage collection heap?
All languages oriented to the runtime allow class objects to be allocated from the garbage collection heap. This has the benefit of fast allocation and makes it unnecessary for programmers to figure out when to explicitly "release" each object.
The CLR also provides the so-called valuetype. ValueType are similar to classes, but the ValueType objects are allocated on the Run-time stack (not the heap), so they are automatically recycled when the code exits the process that defines the objects. That's how the "structure" works in C #.
Managed Extensions for C + + enable you to choose where to assign the class object. If declared as a managed class by the __gc keyword, they are allocated from the garbage collection heap. If they do not include the __gc keyword, they behave like regular C + + objects, are allocated from the C + + heap, and are explicitly released by the "Free" method.
For additional information about garbage collection, see:
- Garbage collection: Automated memory management in the Microsoft. NET Framework
- Garbage collection (part 2nd): Automatic memory management in the Microsoft. NET Framework
Back to Top
Remote processing
What are the working mechanisms in the common language runtime for both in-process and interprocess communication?
In-process communication has two aspects: communication between contexts in a single application domain or between application domains. In the context of the same application domain, the proxy is used as the listening mechanism. Does not involve any marshaling or serialization operations. When crossing multiple application domains, we use runtime binary protocols for marshaling/serialization.
interprocess communication uses pluggable channels and formatter protocols, where each protocol applies to a specific purpose.
- If the developer uses tool Soapsuds.exe to specify endpoints to generate the metadata proxy, the default is set to the HTTP channel with the SOAP formatter.
- If developers perform explicit remoting in a managed environment, you must explicitly use the channel and formatter. This can be expressed as an administrative form, through a configuration file, or through an API call to load a particular channel. The options are:
HTTP channel with SOAP formatter (HTTP is ideal for use on the Internet or for communication must go through a firewall)
TCP channel with binary formatter (TCP is a higher performance option for local area network (LAN))
When converting between managed and unmanaged code, the COM structure (specifically, DCOM) is used for remoting. In the intermediate version of the CLR, this is done by the component that is serviced (the component that uses COM + services). At the end of the release, you should be able to configure any remotely-processed components.
Distributed garbage collection for objects is hosted by a system called "lease based lifetime." Each object has a lease time, and when the time expires, the object is disconnected from the CLR's remoting structure. Object has a default renewal time, and the lease is renewed when the object is successfully invoked from the client. The client can also renew the lease explicitly.
Back to Top
Interoperability
Can I use COM objects in the. NET Framework program?
OK. Any COM component that is now deployed can be used in managed code, which is typically fully automated.
Specifically, automatic behavior uses the runtime callable Wrapper (RCW) to access COM components from the. NET framework. The wrapper converts COM interfaces exposed by COM components to interfaces that are compatible with the. NET Framework. For OLE automation interfaces, the RCW can be automatically generated from the type library. For non-OLE automation interfaces, developers can write custom RCW and manually map types exposed by COM interfaces to types that are compatible with the. NET Framework.
Back to Top
Can I use the. NET framework components in a COM program?
OK. The managed type that is now generated can be accessed through COM, and typically, the configuration is completely automatic. Some new features of the managed development environment are not accessible through COM. For example, static methods and parameterized constructors cannot be used through COM. In general, it is best to determine the intended user of a given type in advance. If you want to use the type through COM, you may be limited to using COM-accessible features.
Depending on the language used to write managed types, the type may or may not be visible by default.
Specifically, automatic behavior is the use of COM callable wrappers (CCW) to access. NET Framework components from COM. This is similar to an RCW (see the previous question), but it works in the opposite direction. In addition, if the. NET Framework development tool cannot automatically generate wrappers, or if automatic behavior is not what you want, you can develop a custom CCW.
Back to Top
Can I use the Win32 API in the. NET Framework program?
OK. Using platform invoke, the. NET Framework program can access the native code base through a static DLL entry point.
Here is a call to Win32
MessageBoxC # Example of a function:
Using System; Using System.Runtime.InteropServices; Class Mainapp {[DllImport ("user32.dll", entrypoint= "MessageBox")] public static extern int MessageBox (int hWnd, S Tring strmessage, String strcaption, uint uitype); public static void Main () {MessageBox (0, "Hello, this is PInvoke in operation!", ". NET", 0); } }
Back to Top
Security
What do I have to do to make the code work for the security system?
This is usually not a problem, and most applications will run safely and will not be exploited by malicious attacks. Security is enhanced by simply using standard class libraries to access resources, such as files, or performing protected actions, such as reflection of private members of a type. A simple thing a developer might need to do is include a permission request (in the form of a security declaration) to limit the permissions that the code can receive (the permissions it needs). This also ensures that when code is allowed to run, only all of the required permissions are available to do so.
Only a developer who writes a new base Class library exposes a new resource type needs to use the security system directly. Rather than making all the code potentially safe, code access security limits the risk to a very small number of code that explicitly overrides the security system.
Back to Top
Why do I get a security exception when I run code from a network shared drive?
The default security policy grants only a limited set of permissions to code from the local Intranet zone. This zone is defined by Internet Explorer security settings and should be configured to match the local network in the enterprise. Because files that are named by UNC or mapped drives, such as the NET Use command, are sent through that local network, the files are also in the local Intranet zone.
The default value is set for the worst case scenario for an unsecured Intranet. If your intranet is more secure, you can modify the security policy (with the. NET Framework Configuration tool or the CASPol tool) to grant additional permissions to the local intranet or its parts, such as a specific computer share name.
Back to Top
How do I make the code run when the security system stops it?
A security exception occurs when the code attempts to perform an operation that does not have permission to perform. Permission is granted based on known code conditions, especially its location. For example, code that runs from the Internet has less permissions than code that runs from the local computer, because experience proves that the former is usually less reliable than the latter. Therefore, in order for code that fails because of a security exception to run, you must increase the permissions granted to it. An easy way to do this is to move your code to a more trusted location, such as a local file system. This does not apply in all cases (WEB applications are a good example, and Intranet applications on corporate networks are another example). Therefore, if you do not change the location of your code, you can also change the security policy and grant more permissions to that location. This can be done using the. NET Framework Configuration tool or the Code Access Security Policy Utility (Caspol.exe). If you are a code developer or publisher, you can also digitally sign your code, and then modify the security policy to grant more permissions to code with that signature. However, when you take any of these actions, remember to grant the code less permissions because it is not from an identifiable source of trust. Before you move your code to the local computer or change the security policy, make sure that the trust code does not perform malicious or damaging actions.
Back to Top
How do I manage the security of personal computers? How do I manage the security of enterprise computers?
The. NET Framework includes the. NET Framework Configuration Tool--MMC Snap-in (Mscorcfg.msc) to configure several aspects of the CLR, including security policy. This snap-in supports not only managing security policies on the local computer, but also creating enterprise policy deployment packages that are compatible with System Management Servers and group policies. The command-line utility CASPol.exe can also be used for scripting policy changes on your computer. To run any of the tools in the command prompt, change the current directory to the installation directory of the. NET Framework (located in%windir%\microsoft.net\framework\v1.0.2914.16\) and type Mscorcfg.msc or Caspol.exe.
Back to Top
How is evidence-based security used with Windows 2000 security?
Evidence-based security (which authorizes code) is used with Windows 2000 security, which is based on the login identity. For example, in order to access a file, managed code must have both code access security file permissions, and must run under a login identity with NTFS file access. The managed libraries included in the. NET Framework also provide classes for role-based security. These classes enable applications to use Windows logon identities and user groups.
Back to Top
