Chapter 7. Permissions - PowerPoint PPT Presentation

Slides: 10
Provided by: muk1
Learn more at: https://www.cs.odu.edu
Transcript and Presenter's Notes

1
Chapter 7. Permissions
  • Programming .NET Security, O'Reilly Publishers

2
Granting Permissions
  • CAS: Code Access Security
  • Method 1: Map evidence to grants
  • Types of evidence: application directory, hash
    value of the assembly, publisher, site, URL,
    Internet Explorer security zone
  • Method 2: Identity permissions

3
Requesting Permissions
  • Requesting minimum permissions: the assembly is not
    loaded if these cannot be granted
  • Requesting optional permissions (in addition to
    the minimum): the assembly is loaded, but it is up to
    the assembly to handle situations where it does
    not have
  • Refusing permissions: permissions that the runtime
    must never grant

4
Permission Types
  • Code access permissions: represent actions and
    resources that are subject to security control.
    E.g., System.Data.Common, System.Data.Odbc,
    System.Diagnostics, System.DirectoryServices,
    System.Drawing.Printing, System.Net,
    System.Security.Permissions, etc.

5
  • Identity permissions: represent certain types of
    host evidence an assembly presents to the runtime
    at load time.
  • Types: Publisher, Site, StrongName, Url, Zone
  • Examples: to allow any code from the Local
    Intranet security zone to access your method
  • To run your application only if it is executed
    from the website www.cs.odu.edu

6
Enforcing Code-access Security
  • When loading an assembly, the .NET runtime
    evaluates the assembly and determines what
    permissions to grant. A permissions object is
    created and assigned to the assembly.
  • When the application calls for a system service
    such as deleting a file, the delete method
    creates a FileIOPermission object that describes
    the permissions needed to carry out the requested
    operation.
  • The runtime checks the application's permissions
    against those required. The answer is either a
    confirmation to the called method or an exception.

7
Stack Walks
  • In case there is a chain of threads that resulted
    in a final call to the method, the runtime checks
    the permissions of all the threads involved in
    the call, not just the one that last called.
  • It walks up the stack, from the most recent to
    the least recent.

8
Overriding a Stack walk
  • Assert: a layer vouches for all layers above it
  • Deny: opposite of Assert
  • PermitOnly: similar to Deny, but lets it limit the
    permissions
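
An added example, not from the slides or the book: a simplified Python model of the stack walk and the three overrides described above. It is not the .NET runtime's implementation; the Frame class, the permission names and the method names are constructed for illustration, and each frame is assumed to carry at most one override.

```python
from dataclasses import dataclass

class SecurityException(Exception):
    """Stands in for the exception a failed demand raises."""

@dataclass(frozen=True)
class Frame:
    method: str                     # constructed method name
    grants: frozenset               # permissions granted to the frame's assembly
    override: str = ""              # "", "Assert", "Deny" or "PermitOnly"
    perms: frozenset = frozenset()  # permissions the override names

def demand(stack, perm):
    """Check the callers in `stack` (least recent first), newest to oldest."""
    for frame in reversed(stack):
        if perm not in frame.grants:
            raise SecurityException(f"{frame.method} was not granted {perm}")
        if frame.override == "Deny" and perm in frame.perms:
            raise SecurityException(f"{frame.method} denies {perm}")
        if frame.override == "PermitOnly" and perm not in frame.perms:
            raise SecurityException(f"{frame.method} does not permit {perm}")
        if frame.override == "Assert" and perm in frame.perms:
            return f"walk stopped by Assert in {frame.method}"
    return "all callers checked"

def outcome(stack, perm):
    """Run a demand and report the result as text instead of raising."""
    try:
        return demand(stack, perm)
    except SecurityException as exc:
        return f"SecurityException: {exc}"

# Constructed sample data: two permissions and a few call-stack frames.
FILE_IO, UI = "FileIO", "UI"
FULL = frozenset({FILE_IO, UI})
downloaded = Frame("Downloaded.Main", frozenset({UI}))   # partially trusted
cleanup = Frame("Library.Cleanup", FULL)
vouching = Frame("Library.Cleanup", FULL, "Assert", frozenset({FILE_IO}))
plugin = Frame("Plugin.Run", FULL)
host_permit = Frame("Host.RunPlugin", FULL, "PermitOnly", frozenset({UI}))
host_deny = Frame("Host.RunPlugin", FULL, "Deny", frozenset({FILE_IO}))

if __name__ == "__main__":
    for stack in ([downloaded, cleanup], [downloaded, vouching],
                  [host_permit, plugin], [host_deny, plugin]):
        names = " -> ".join(f.method for f in stack)
        print(f"{names}: {outcome(stack, FILE_IO)}")
```

In the second chain the partially trusted caller is never examined, which is why a layer that uses Assert has to validate on its own what it does on behalf of its callers.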

9
Security Statement Syntax
  • Imperative security statements: appear in the
    body of the programmer's methods and functions and
    are hence part of the code in the assembly
  • These can be used in conjunction with the normal
    program control constructs such as conditional
    and iterative statements
  • Declarative security statements: expressed using
    attributes, which are compiled to form an
    assembly's metadata