有人真的在他们的应用程序中使用 .Net CAS 吗?

发布于 2024-11-08 07:08:09 字数 433 浏览 5 评论 0原文

我正在考虑参加 70-536 考试,里面有所有关于 CAS 和 caspol 之类的东西。

有没有人真正花时间装饰性或命令性地使用 CAS?

我知道对 CAS 代码组、权限集等有基本了解会很有用,但我无法理解我真正想要使用它的真实场景?

我了解 SecurityAction Demand 和 LinkDemand 的作用,但我无法想象实际使用它们。我想到的唯一场景是,如果我有一个强命名的程序集,该程序集将从互联网上以提升的权限运行,并且出于某种原因,我想确保任何调用我的程序集的人也拥有适当的权限......但是什么时候真的会这样?发生?

我只做Winforms开发,也许在网络应用程序中这是人们经常需要解决的更大问题?

也许我的安全意识不够,哈哈。

再说一遍,我不是在寻找微软文档的链接:)我正在寻找人们使用这些东西的真实示例。

谢谢

I am thinking about taking the 70-536 exam, and there is all this stuff about CAS and caspol and stuff.

Has anyone out there actually taken the time to use CAS either Decoratively or Imperatively?

I can see where it would be useful to have a basic understanding of CAS Codegroups, permission sets and what not, but i can't fathom a real scenario where I would ever actually want to use it?

I understand what the SecurityAction Demand and LinkDemand do, i just can't imagine actually using them. The only scenario that comes to mind would if i had a strongly named assembly that would run from the internet with elevated privileges and for some reason i wanted to make sure that anybody calling my assemblies also had appropriate permissions... but when does that really happen?

I only do Winforms development, perhaps in web apps this a greater concern that people often need to address?

Perhaps I am not security minded enough, lol.

Again, i'm not looking for links to microsoft documentation :) i'm looking for realworld examples where people use this stuff.

thanks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

始终不够爱げ你 2024-11-15 07:08:09

任何需要运行不受信任的代码的场景。 Windows 应用程序的插件就是一个例子。

Any scenario, where you have untrusted code you need to run. Plugins for windows application is one example.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文