.NET 2.0中引入了1級透明度模型(但是僅在程式集內被強制),透明代碼是不可以訪問關鍵代碼的,即使是在同一個程式集內(或是在同一個類型裡),如下代碼:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security;
using System.Security.Permissions;
//使用透明度模型層級1
[assembly: SecurityRules(SecurityRuleSet.Level1)]
[assembly: SecurityCritical]
namespace Mgen
{
class Program
{
//透明
static void Main(string[] args)
{
doo();
}
//關鍵
[SecurityCritical, SecurityTreatAsSafe]
static void doo()
{ }
}
}
此代碼會拋出異常:
Unhandled Exception: System.MethodAccessException: Attempt by security transpare
nt method 'Mgen.Program.Main(System.String[])' to access security critical metho
d 'Mgen.Program.doo()' failed.
顯然透明代碼是不能直接存取關鍵代碼的。
在透明度模型層級1,可以使用SecurityTreatAsSafe特性標記在方法上,就可以正常訪問了:
[SecurityCritical, SecurityTreatAsSafe]
static void doo()
{ }
不過在.NET 4.0後引入了透明度模型層級2,安全模型發生了許多變化,SecurityTreatAsSafe也被廢棄,取而代之的是SecuritySafeCritical特性,直接標記目標為“可靠安全的程式碼”。
在.NET 4.0上述代碼完整應該是:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security;
using System.Security.Permissions;
//.NET 4.0預設使用透明度模型層級2
[assembly: AllowPartiallyTrustedCallers]
namespace Mgen
{
class Program
{
//透明
static void Main(string[] args)
{
doo();
}
//可靠關鍵
[SecuritySafeCritical]
static void doo()
{ }
}
}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
