Sunday, July 6, 2008

.Net Code Access Security Introduction

CAS is the programatically means by which you secure the resouce of a system like file system, printer, registry, etc. in contrast to Role Base Security (RBS).

RequestOptional is used to grant permission to a resource.
RequestRefuse is used to revoke permission to a resource.

In following example I am going to restrict writing to C drive. Incase if user tries to write to C drive programatically he is receive an exception.

using System.Security.Permissions;
using System.Security;
using System.IO;

[assembly: FileIOPermissionAttribute(SecurityAction.RequestRefuse , Write="c:\\")]namespace WindowsFormsApplication1
public partial class Form1 : Form
StreamWriter sw;

private void button1_Click(object sender, EventArgs e)
sw = File.CreateText("c:\\Shalvin.txt");

For a detailed coverage of Code Access Security refer
Courtesy : Jeevan Baby, Indiaoptions