What is the purpose CAS (Code Access Security)?

不羁的心 提交于 2019-12-10 12:53:46

问题


I have been a part of so many web applications but have never used CAS, perhaps have also never felt the need to use the same.

When is the need to use CAS? Do people actually use it in their applications?


回答1:


CAS is really only useful (so to speak) in desktop applications, where you want to restrict what an application run from over the network (for example) is able to do on the local machine. I've found that fooling with CAS is asking for a big, pointless headache, even in this circumstance. The default configuration is generally the most sensible.

This type of model is obviously much less useful for a web application, since you implicitly trust all of the code in the application.




回答2:


I guess I have to be the lone voice in the wilderness, and disagree with the other responders here.
As I elaborated in my answer to a similar question a few months ago, there are specific scenarios where CAS is the way to go. Of course, this only applies if you're very security-conscious and dealing with a sensitive system, AND taking into account that this simply provides an additional layer of defense, you're probably not gonna get to the place where you need this till you fix all the other serious issues in your application.
Again, CAS gives you the capability to limit what your APPLICATION can do, not just your users, and in a very granular way.




回答3:


The only place I have ever encountered CAS is in Sharepoint where it is used to limit what a custom assembly in the BIN directory can have access to (e.g., the sharepoint object model). Many people think CAS is too complex and not worth the trouble, so they end up throwing the assembly in the GAC. But if you do that, then you better scrutinize the code for any security risks.




回答4:


I've never seen it used.

It exists solely so that you can say the maximum level of security your code should run in. It's more of a lawsuit protection mechanism than anything else in the sense that you can claim that your code could not possibly of been authorized to execute a certain function.

Personally, I believe it's a waste of time as it offers no real protections to the underlying operating system.

Here some more information about it from microsoft: http://msdn.microsoft.com/en-us/library/930b76w0(VS.71).aspx




回答5:


I ran across it once, when learning WPF. It was used in this Sudoku tutorial to load plugins from other users. A special application domain was created for the plugin with few access rights and communication was performed with .NET remoting. The tutorial provides some good insight into secure plugin loading.




回答6:


VSTO is a useful technology that lets you run managed code written in a .NET language from Office documents, instead of using VBA. It requires using caspol in 2 ways on client machines:

  • Permission Office to run DLLs from the location where the DLLs are deployed.

  • Permission Office to run DLLs from the location where the Office document was opened.

I've found caspol to be a nightmare, and I think that, like Makefiles, only 1 caspol script has ever been written from scratch.




回答7:


I have to agree with the other opionions here – CAS is one of those things that may look good on paper, but I have never seen it used in serious LOB applications and I probably never will. What amazes me is that people often ask CAS-related questions at the interviews – now that is completely pointless. :)




回答8:


An example of CAS is in WPF hosted-in-browser apps (.xbap's).

The problem there is how to protect clients from managed code running in an appdomain hosted by the browser.

To do that, WPF (more exactly, PresentationHost.exe) creates an appdomain that has restricted permissions. The code that runs within its boundaries, runs with a limited set of permissions (e.g. no File IO, no Registry access, only safe printing, etc).

Another point of view to consider when thinking about CAS usefulness is put on the shoes on someone writing a library that will be installed in client machines. How do you protect client machines and their networks from partially trusted code running in the browser e.g. as part of a WPF application calling into those libraries? CAS helps completes the puzzle here, making appropriate demands so partially trusted code only has access to safely exposed functionality.



来源:https://stackoverflow.com/questions/420854/what-is-the-purpose-cas-code-access-security

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!