Code Access Security - Policy

Policy

A policy is a set of expressions that uses evidence to determine a code group membership. A code group gives a permission set for the assemblies within that group. There are four policies in .NET:

  • Enterprise - policy for a family of machines that are part of an Active Directory installation.
  • Machine - policy for the current machine.
  • User - policy for the logged on user.
  • AppDomain - policy for the executing application domain.

The first three policies are stored in XML files and are administered through the .NET Configuration Tool 1.1 (mscorcfg.msc). The final policy is administered through code for the current application domain.

Code access security will present an assembly's evidence to each policy and will then take the intersection (that is the permissions common to all the generated permission set) as the permissions granted to the assembly.

By default, the Enterprise, User, and AppDomain policies give full trust (that is they allow all assemblies to have all permissions) and the Machine policy is more restrictive. Since the intersection is taken this means that the final permission set is determined by the Machine policy.

Note that the policy system has been eliminated in .NET Framework 4.0.

Read more about this topic:  Code Access Security

Famous quotes containing the word policy:

    We are apt to say that a foreign policy is successful only when the country, or at any rate the governing class, is united behind it. In reality, every line of policy is repudiated by a section, often by an influential section, of the country concerned. A foreign minister who waited until everyone agreed with him would have no foreign policy at all.
    —A.J.P. (Alan John Percivale)

    Maybe it’s understandable what a history of failures America’s foreign policy has been. We are, after all, a country full of people who came to America to get away from foreigners. Any prolonged examination of the U.S. government reveals foreign policy to be America’s miniature schnauzer—a noisy but small and useless part of the national household.
    —P.J. (Patrick Jake)

    The horror of Gandhi’s murder lies not in the political motives behind it or in its consequences for Indian policy or for the future of non-violence; the horror lies simply in the fact that any man could look into the face of this extraordinary person and deliberately pull a trigger.
    Mary McCarthy (1912–1989)