Code Access Security - Policy

Policy

A policy is a set of expressions that uses evidence to determine a code group membership. A code group gives a permission set for the assemblies within that group. There are four policies in .NET:

  • Enterprise - policy for a family of machines that are part of an Active Directory installation.
  • Machine - policy for the current machine.
  • User - policy for the logged on user.
  • AppDomain - policy for the executing application domain.

The first three policies are stored in XML files and are administered through the .NET Configuration Tool 1.1 (mscorcfg.msc). The final policy is administered through code for the current application domain.

Code access security will present an assembly's evidence to each policy and will then take the intersection (that is the permissions common to all the generated permission set) as the permissions granted to the assembly.

By default, the Enterprise, User, and AppDomain policies give full trust (that is they allow all assemblies to have all permissions) and the Machine policy is more restrictive. Since the intersection is taken this means that the final permission set is determined by the Machine policy.

Note that the policy system has been eliminated in .NET Framework 4.0.

Read more about this topic:  Code Access Security

Famous quotes containing the word policy:

    We should have an army so organized and so officered as to be capable in time of emergency, in cooperation with the National Militia, and under the provision of a proper national volunteer law, rapidly to expand into a force sufficient to resist all probable invasion from abroad and to furnish a respectable expeditionary force if necessary in the maintenance of our traditional American policy which bears the name of President Monroe.
    William Howard Taft (1857–1930)

    Carlyle said “a lie cannot live.” It shows that he did not know how to tell them. If I had taken out a life policy on this one the premiums would have bankrupted me ages ago.
    Mark Twain [Samuel Langhorne Clemens] (1835–1910)

    In considering the policy to be adopted for suppressing the insurrection, I have been anxious and careful that the inevitable conflict for this purpose shall not degenerate into a violent and remorseless revolutionary struggle.
    Abraham Lincoln (1809–1865)