.NET 中部分受信任的程序集/应用程序/代码/等是什么?

发布于 2024-07-09 18:22:24 字数 198 浏览 8 评论 0原文

有人可以解释一下吗? 我在互联网上找不到任何内容,所有内容都在谈论如何以某种方式进行操作,但没有任何内容确切说明它是什么。

另外,什么是完全可信的程序集以及它们之间有何不同?

我有 MS 认证考试,这是我唯一不明白的主题。

编辑:谢谢大家。 现在我对 .NET 中的安全性有了更好的了解。 我能够通过认证考试。

Could someone please explain? I couldn't find anything on the internet, everything talks about how to go about it in some way, but nothing says exactly what it is.

Also, what is a fully trusted assembly and how do they differ from one another?

I have a MS certification exam and this is the only topic that I just don't understand.

EDIT: Thanks guys. Now I have a better understanding of security in .NET. I was able to pass my certification exam.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

浅语花开 2024-07-16 18:22:24

.NET 实现了一个名为代码访问安全。 非托管代码以启动应用程序的用户的特权和权限运行,即使代码恰好源自邪恶来源。

托管代码需要提供其来源的证据; 有多种方法可以做到这一点(例如,使用特定密钥对代码进行签名、从特定 URL 下载代码、代码位于磁盘上的特定目录中等)。 根据该证据,将程序集分组,并对其应用策略。 策略可以向代码组授予某些权限,主要涉及访问系统资源(执行 DNS 查找、打开网络连接、访问“隔离存储”、访问本地文件系统(全部或仅选定的目录)、访问注册表、访问网络共享等)。 控制面板中有一个工具可以让您定义此类策略。

当程序集尝试执行某些受限操作时,会进行权限检查。 如果授予访问权限,则操作将继续。 如果检查失败,则会抛出异常。
检查通常涉及堆栈遍历(即所有调用者都必须信任该操作),但也有例外。

作为一种特殊情况,人们可以向程序集分配“完全信任”,从而授予所有权限。 虽然我以前没有听说过“部分信任”一词,但我认为它指的是拥有某些权利的集会,但不是完全信任。

请理解,这只是一个概述 - 关于代码访问安全性还有很多要说的。

.NET implements a security model called code access security. Unmanaged code runs with the privileges and rights of the user starting the application, even if the code happens to originate from evil sources.

Managed code needs to provide evidence of its origin; there are various ways to do that (e.g. code is signed with a certain key, code was downloaded from a certain URL, code lives in a certain directory on disk, etc). Based on that evidence, assemblies are put into groups, for which policies are applied. A policy can grant certain permissions to a code group, primarily with regard to accessing system resources (performing DNS lookup, opening network connections, accessing "isolated storage", accessing the local file system (all of it, or just selected directories), accessing the registry, accessing network shares, etc). There is a tool in the control panel that allows you to define such policies.

When an assembly tries to perform some restricted operation, a privilege check is made. If access is granted, the operation proceeds. If the check fails, an exception is thrown.
The check typically involves a stack traversal (i.e. all callers must be trusted for that operation), but there are exceptions.

As a special case, one may assign "Full Trust" to an assembly, granting all permissions. While I haven't heard the term "partial trust" before, I'd assume it refers to assemblies who have some rights, but not Full Trust.

Please understand that this is just an overview - there is much more to be said about code access security.

过期以后 2024-07-16 18:22:24

完全信任程序集具有一组不受限制的代码访问安全权限,允许代码访问所有资源类型并执行特权操作,仅受操作系统安全的影响。 例如,如果用户 Bob 无法访问文件 Y,则在 Bob 用户空间中运行的完全信任程序集也无法访问。

部分信任程序集意味着代码以低于完全信任的方式运行。 .NET Framework 有几个预定义的 信任您可以直接使用或自定义级别以满足您的特定安全要求。 例如,您可以通过拒绝 SQLClientPermission 来阻止程序集访问 SQL 数据库。

程序集的信任级别也会因其来源而降低。 例如,来自网络共享(在旧版本的 .NET 中)的代码比来自本地计算机的代码可信度较低,因此执行特权操作的能力受到限制。

A full-trust assembly has an unrestricted set of code access security permissions, which allows the code to access all resource types and perform privileged operations, subject only to operating system security. For example, if user Bob cannot access file Y, then neither can a full-trust assembly running in Bob's user space.

A partial-trust assembly means that the code runs at less than full trust. The .NET Framework has several predefined trust levels that you can use directly or customise to meet your specific security requirements. For example, you can prevent an assembly from accessing SQL databases by denying SQLClientPermission.

The trust level of an assembly can also be diminished by its origin. For example, code coming from a network share (in older versions of .NET) is trusted less than code coming from the local computer, and as a result is limited in its ability to perform privileged operations.

童话 2024-07-16 18:22:24

也许一些背景会有所帮助。

想想浏览 stackoverflow 之类的事情。 浏览器本身的代码可以在您的计算机上执行任何操作(例如删除文件),并且还有该网站的 javascript 代码。 除了漂亮的淡入淡出效果和其他一些显示魔法之外,JavaScript 代码无法对您的计算机执行任何操作。

.net 有能力区分本地应用程序和远程应用程序。 您可以编写将在本地计算机上运行并且能够对本地计算机执行任何操作的应用程序。 并且该应用程序可以具有从互联网下载扩展dll的功能。 这些扩展将能够进行计算和操作显示。 但它们内部的代码希望能够删除文件。 因为它不被信任。

细节是错误的,但这就是想法(据我所知)。

Maybe some context will help.

Think about something like browsing stackoverflow. There is the code off the browser itself that can do anything on your computer (delete files for example ) and there is the javascript code of the site. The javascript code can't do anything to your computer except the nifty fade effects and some other display magic.

.net has the ability to provide such distinction between local application and remote ones. You can write application that will run on the local computer and will be able to do anything to the local computer. And this application can have a feature that download extension dll from the internet. Those extension will be able to do calculation and manipulate the display. But the code inside them want be able to delete files. Because it is not trusted.

The details are wrong but this is the idea ( as far as i understand it).

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文