Code Access Security - Evidence

Evidence

Evidence can be any information associated with an assembly. The default evidences that are used by .NET code access security are:

  • Application directory - The directory in which an assembly resides.
  • Publisher - The assembly's publisher's digital signature (requires the assembly to be signed via Authenticode).
  • URL - the complete URL where the assembly was launched from
  • Site - The hostname of the URL/Remote Domain/VPN.
  • Zone - the security zone where the assembly resides
  • Hash - a cryptographic hash of the assembly, which identifies a specific version.
  • Strong Name - a combination of the assembly name, version and public key of the signing key used to sign the assembly. The signing key is not an X509 certificate, but a custom key pair generated by the strong naming tool, SN.EXE or by Visual Studio.

A developer can use custom evidence (so-called assembly evidence) but this requires writing a security assembly and in version 1.1 of .NET this facility does not work.

Evidence based on a hash of the assembly is easily obtained in code. For example in C#, evidence may be obtained by the following code clause:

this.GetType.Assembly.Evidence

Read more about this topic:  Code Access Security

Famous quotes containing the word evidence:

    I believe that no characteristic is so distinctively human as the sense of indebtedness we feel, not necessarily for a favor received, but even for the slightest evidence of kindness; and there is nothing so boorish, savage, inhuman as to appear to be overwhelmed by a favor, let alone unworthy of it.
    Marcus Tullius Cicero (106–43 B.C.)

    Strict rules of evidence would destroy psychoanalysis and literary criticism.
    Mason Cooley (b. 1927)

    Generally there is no consistent evidence of significant differences in school achievement between children of working and nonworking mothers, but differences that do appear are often related to maternal satisfaction with her chosen role, and the quality of substitute care.
    Ruth E. Zambrana, U.S. researcher, M. Hurst, and R.L. Hite. “The Working Mother in Contemporary Perspectives: A Review of Literature,” Pediatrics (December 1979)