.NET Security Mechanism

Source: Internet
Author: User
Since I rarely come into contact with this part at work, it took a lot of time to understand it. The following is a brief description:

The security mechanism in Windows is built around three concepts: who I am (identity), what I want to do (operations), and what I want to access (resources). .NET changes the first of these to where I come from (location), and keeps what I want to do (operations) and what I want to access (resources). As a result, the .NET security mechanism has the following concepts: code group, assembly, permission, and permission set.

A code group is a security classification of an assembly. Code groups form a tree, and an assembly belongs to a node in this tree. This membership does not need to be specified by the user: each code group has a single membership condition, such as zone, site, strong name or URL, and an assembly that satisfies the condition automatically belongs to that branch of the tree. The following are typical settings of the local code groups:

Let's look at a few examples. An assembly on the local machine naturally belongs to code group 1.1. Zone-MyComputer (the condition of this code group is that the zone is the local machine), and an assembly we access from a server's shared directory belongs to 1.3. Zone-Internet. Of course, if there are other code groups with finer conditions and the assembly meets them, it belongs to the more specific code group.

Permissions in the .NET Framework are built-in permission classes. The .NET Framework implements many concrete permission classes, such as FileIOPermission, UIPermission and FileDialogPermission (all inherited from CodeAccessPermission). Each permission class also defines the operations covered by that permission; for example, FileIOPermission covers Read and Write.

A permission set, as its name implies, is a set of permissions. It is defined to make it easy to assign permissions to a code group: each code group corresponds to one permission set. The permission set is expressed in XML, which clearly lists the permissions in the set. The following is a detailed description of the permission set named Internet:

Each entry represents one permission and names its permission class. At runtime the XML is reflected into permission objects for use by the runtime.
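As an added example (not code from the original article), the following C# shows the XML form the text refers to: it builds a small permission set in code, serialises it with PermissionSet.ToXml(), reflects the XML back into permission objects with FromXml(), and then asks whether the set grants one specific right rather than treating it as an opaque yes/no. It assumes the .NET Framework (CAS policy and these XML methods are not available in .NET Core / .NET 5+); the permissions chosen and the path C:\data are constructed samples.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

class PermissionSetXmlDemo
{
    // Build a cut-down permission set by hand, in the spirit of the Internet set:
    // file dialogs and a restricted UI, but no general file I/O (constructed sample).
    static PermissionSet BuildSampleSet()
    {
        var set = new PermissionSet(PermissionState.None);
        set.AddPermission(new FileDialogPermission(FileDialogPermissionAccess.Open));
        set.AddPermission(new UIPermission(UIPermissionWindow.SafeTopLevelWindows,
                                           UIPermissionClipboard.OwnClipboard));
        return set;
    }

    // True if 'wanted' is covered by what 'granted' contains for that permission type.
    // A missing entry of that type means the right is not granted at all.
    static bool Grants(PermissionSet granted, CodeAccessPermission wanted)
    {
        IPermission have = granted.GetPermission(wanted.GetType());
        return have != null && wanted.IsSubsetOf(have);
    }

    static void Main()
    {
        // 1. Serialise to the XML layout used in the policy files:
        //    one <IPermission class="..."> element per permission.
        SecurityElement xml = BuildSampleSet().ToXml();
        string xmlText = xml.ToString();
        Console.WriteLine(xmlText);

        // 2. Reflect the XML back into live permission objects, as the runtime does
        //    when it loads a permission set from policy.
        var reloaded = new PermissionSet(PermissionState.None);
        reloaded.FromXml(SecurityElement.FromString(xmlText));
        Console.WriteLine("Reloaded " + reloaded.Count + " permissions:");
        foreach (IPermission p in reloaded)
            Console.WriteLine("  " + p.GetType().Name);

        // 3. Query specific rights. Reading C:\data is not in the set, opening a
        //    file dialog is.
        var readData = new FileIOPermission(FileIOPermissionAccess.Read, @"C:\data");
        var openDialog = new FileDialogPermission(FileDialogPermissionAccess.Open);
        Console.WriteLine("Read C:\\data: " + Grants(reloaded, readData));
        Console.WriteLine("Open file dialog: " + Grants(reloaded, openDialog));
    }
}
```

The Grants helper is the check to reuse when auditing a policy export: load the exported XML the same way and test the concrete rights your code needs, instead of reading the set name and assuming what it contains.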

The following is the relationship diagram of the elements in the security mechanism:

An assembly belongs to a code group, and the code group is assigned a permission set, so at runtime an assembly knows the set of permissions it holds. When code in the assembly performs an operation at runtime, the .NET Framework checks the permissions of this assembly; if it does not have the required permission, a SecurityException is thrown. The following is the .NET Framework call stack when a StreamReader instance is created:

at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)
at System.IO.StreamReader..ctor(String path)

For permissions you write yourself, you can perform similar checks in your own code.

You can also define the permissions of an assembly in more detail. The permissions an assembly currently holds are mainly determined by the code group it belongs to, but the assembly itself can also carry its own permission definitions. For example, it can declare a permission as required: if the code group does not grant this permission, the program cannot start. It can also refuse a permission: even if the code group grants it, neither this assembly nor the assemblies it calls hold it. Assembly permissions can be specified on the Security tab, or in code through attributes.
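The two assembly-level declarations described above, as an added example that is not part of the original article: a required permission (SecurityAction.RequestMinimum) and a refused one (SecurityAction.RequestRefuse), declared as assembly attributes, followed by a Main that demands both so the effect is visible. It assumes .NET Framework 2.0/3.5, or 4.x with the legacy CAS policy switch (NetFx40_LegacySecurityPolicy) enabled; under the default .NET 4 security model assembly-level requests are ignored and the refused demand would simply succeed. The paths C:\data and HKEY_LOCAL_MACHINE\SOFTWARE are constructed samples.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

// Required: if the code group this assembly lands in does not grant read access to
// C:\data (constructed sample path), the loader refuses to start the program
// instead of failing later with a SecurityException deep inside some call.
[assembly: FileIOPermission(SecurityAction.RequestMinimum, Read = @"C:\data")]

// Refused: even when the code group is full trust, this assembly never holds the
// right to write under HKLM\SOFTWARE, and any demand for it that walks through
// this assembly's frames fails. Refusing what the code does not need limits the
// damage if the assembly is ever driven into doing something unintended.
[assembly: RegistryPermission(SecurityAction.RequestRefuse, Write = @"HKEY_LOCAL_MACHINE\SOFTWARE")]

class AssemblyRequestsDemo
{
    static void Main()
    {
        // Reading C:\data was requested as a minimum, so this demand can only
        // succeed: the assembly would not have loaded otherwise.
        new FileIOPermission(FileIOPermissionAccess.Read, @"C:\data").Demand();
        Console.WriteLine("read C:\\data: granted (RequestMinimum)");

        // Writing under HKLM\SOFTWARE was refused, so this demand fails regardless
        // of how generous the code group's permission set is.
        try
        {
            new RegistryPermission(RegistryPermissionAccess.Write,
                                   @"HKEY_LOCAL_MACHINE\SOFTWARE").Demand();
            Console.WriteLine("write HKLM\\SOFTWARE: granted");
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("write HKLM\\SOFTWARE: refused (RequestRefuse): " + ex.Message);
        }
    }
}
```

RequestMinimum moves a permission failure from an unpredictable point at runtime to load time, which is where an operator can see and act on it; RequestRefuse is the assembly-level form of least privilege, and is worth adding for any permission the component never legitimately needs.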

It is worth noting that a permission check does not only check the permissions of the current assembly; it also checks the permissions of the assemblies higher up the call stack. Consider this scenario: a server component can operate a Windows service on the local machine. This component has the full-trust permission set on the local machine, so starting it from the server to access the Windows service is no problem. However, calling this component from a client through a web service will not work, because the permission check always walks the call stack back to the point where the call into this component started, finds that that assembly comes from the Internet, and therefore applies the Internet permission set, which does not include the permission to operate a Windows service. To make this call succeed, you need to change the code group permissions on the server. It is best to add a code group with precise conditions; otherwise, security problems will follow.
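The stack walk described above, as an added example that is not part of the original article (it also serves the earlier remark that you can perform the same check as FileStream in your own code). A library-style method demands FileIOPermission before reading a file, exactly as the FileStream constructor does in the call stack shown earlier. It is called twice: once directly from fully trusted code, and once from a caller frame that has restricted itself with PermitOnly to UI rights only, standing in for the less-trusted (Internet-zone) caller in the article's scenario. The second call fails even though the callee's own assembly is fully trusted, because the demand walks up to the restricted frame. It assumes the .NET Framework (on .NET Core / .NET 5+ these demands are no-ops); the file path is a constructed sample.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

class StackWalkDemo
{
    // Library-style method: demand the right explicitly before touching the file,
    // the same check FileStream performs internally. Demand() walks every frame
    // above this one; one frame without the right fails the whole call.
    static string ReadConfig(string path)
    {
        new FileIOPermission(FileIOPermissionAccess.Read, path).Demand();
        return File.ReadAllText(path);
    }

    static void Main()
    {
        // Constructed sample file so the example runs offline.
        string path = Path.Combine(Path.GetTempPath(), "cas-stackwalk-demo.txt");
        File.WriteAllText(path, "setting=1");

        // 1. Direct call from fully trusted code: every frame on the stack holds
        //    FileIOPermission, so the demand passes.
        Console.WriteLine("direct call: " + ReadConfig(path));

        // 2. Same callee, but this caller frame now limits itself to UI rights only.
        //    ReadConfig's demand walks past its own (fully trusted) frame up to this
        //    one, finds no FileIOPermission, and throws, just as a full-trust server
        //    component fails when the call originated from an Internet-zone assembly.
        new UIPermission(PermissionState.Unrestricted).PermitOnly();
        try
        {
            ReadConfig(path);
            Console.WriteLine("restricted caller: unexpectedly succeeded");
        }
        catch (SecurityException)
        {
            Console.WriteLine("restricted caller: SecurityException, demand failed on the stack walk");
        }
        finally
        {
            // Always undo a PermitOnly/Deny on the frame that set it.
            CodeAccessPermission.RevertPermitOnly();
        }
    }
}
```

This is the behaviour to keep in mind when the article says to fix the server scenario by changing code group permissions rather than by patching the component: the component already has the right, and what the walk is reporting is the trust level of whoever initiated the call.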
