Code Access Security - Evidence

Evidence

Evidence can be any information associated with an assembly. The default evidences that are used by .NET code access security are:

  • Application directory - The directory in which an assembly resides.
  • Publisher - The assembly's publisher's digital signature (requires the assembly to be signed via Authenticode).
  • URL - the complete URL where the assembly was launched from
  • Site - The hostname of the URL/Remote Domain/VPN.
  • Zone - the security zone where the assembly resides
  • Hash - a cryptographic hash of the assembly, which identifies a specific version.
  • Strong Name - a combination of the assembly name, version and public key of the signing key used to sign the assembly. The signing key is not an X509 certificate, but a custom key pair generated by the strong naming tool, SN.EXE or by Visual Studio.

A developer can use custom evidence (so-called assembly evidence) but this requires writing a security assembly and in version 1.1 of .NET this facility does not work.

Evidence based on a hash of the assembly is easily obtained in code. For example in C#, evidence may be obtained by the following code clause:

this.GetType.Assembly.Evidence

Read more about this topic:  Code Access Security

Famous quotes containing the word evidence:

    Strict rules of evidence would destroy psychoanalysis and literary criticism.
    Mason Cooley (b. 1927)

    However backwards the world has been in former ages in the discovery of such points as GOD never meant us to know,—we have been more successful in our own days:Mthousands can trace out now the impressions of this divine intercourse in themselves, from the first moment they received it, and with such distinct intelligence of its progress and workings, as to require no evidence of its truth.
    Laurence Sterne (1713–1768)

    I don’t know what it is about fecundity that so appalls. I suppose it is the teeming evidence that birth and growth, which we value, are ubiquitous and blind, that life itself is so astonishingly cheap, that nature is as careless as it is bountiful, and that with extravagance goes a crushing waste that will one day include our own cheap lives.
    Annie Dillard (b. 1945)