Code Access Security - Evidence

Evidence

Evidence can be any information associated with an assembly. The default evidences that are used by .NET code access security are:

  • Application directory - The directory in which an assembly resides.
  • Publisher - The assembly's publisher's digital signature (requires the assembly to be signed via Authenticode).
  • URL - the complete URL where the assembly was launched from
  • Site - The hostname of the URL/Remote Domain/VPN.
  • Zone - the security zone where the assembly resides
  • Hash - a cryptographic hash of the assembly, which identifies a specific version.
  • Strong Name - a combination of the assembly name, version and public key of the signing key used to sign the assembly. The signing key is not an X509 certificate, but a custom key pair generated by the strong naming tool, SN.EXE or by Visual Studio.

A developer can use custom evidence (so-called assembly evidence) but this requires writing a security assembly and in version 1.1 of .NET this facility does not work.

Evidence based on a hash of the assembly is easily obtained in code. For example in C#, evidence may be obtained by the following code clause:

this.GetType.Assembly.Evidence

Read more about this topic:  Code Access Security

Famous quotes containing the word evidence:

    Washington has seldom seen so numerous, so industrious or so insidious a lobby. There is every evidence that money without limit is being spent to sustain this lobby.... I know that in this I am speaking for the members of the two houses, who would rejoice as much as I would to be released from this unbearable situation.
    Woodrow Wilson (1856–1924)

    Important as fathers are, their influence on children shouldn’t be exaggerated just because they were ignored so long. There is no evidence that there is something especially good about fathers as caretakers. There are no areas where it can be said that fathers must do certain things in order to achieve certain outcomes in children. The same goes for mothers.
    Michael Lamb (late–20th century)

    I don’t know what it is about fecundity that so appalls. I suppose it is the teeming evidence that birth and growth, which we value, are ubiquitous and blind, that life itself is so astonishingly cheap, that nature is as careless as it is bountiful, and that with extravagance goes a crushing waste that will one day include our own cheap lives.
    Annie Dillard (b. 1945)