Code Access Security - Fundamentals and Example

I looked through this link to understand CodeAccessSecurity: http://www.codeproject.com/KB/security/UB_CAS_NET.aspx

This is a great article, but it left me with the following questions:

  • If you can request and get all the necessary permissions, then any executable file can get Full_Trust on the machine. If there are already permissions, then why do we need them?

  • The code is executed on the server, so the permissions are not on the client machine on the server?

  • This article provides an example of removing write permissions from an assembly to display a security exception. Although in the real world, the System.IO assembly (or related classes) will take care of these permissions. So is there a real scenario where we need CAS?

+5
1 answer
  • The idea of "access to least privileges" is a very important Security Principle. A hacker is going to make your application do what he was not going to do. Whatever rights the application has during the attack, the attacker will have the same rights. You cannot stop every attack against your application, so you need to reduce a possible attack as little as possible. This is not bullet proof, but it significantly raises the bar. Perhaps an attacker could tie up an escalation of privilege attack in his exploit.

+2
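To show the kind of real scenario the third question asks about, here is an added example (not code from the linked article or from the answer above) of the least-privilege idea applied with CAS: a host loads a plugin into an AppDomain whose grant set allows execution and read access to one directory, and nothing else. The `Plugin` and `SandboxHost` names and the temp-directory path are assumptions for the demonstration.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

// Hypothetical plugin type that will run inside the sandboxed AppDomain.
// MarshalByRefObject lets the host call it across the domain boundary.
public class Plugin : MarshalByRefObject
{
    public string ReadConfig(string path) => File.ReadAllText(path);
    public void Tamper(string path) => File.WriteAllText(path, "modified");
}

public static class SandboxHost
{
    public static void Main()
    {
        // Constructed working directory and config file for the demo.
        string dataDir = Path.Combine(Path.GetTempPath(), "cas-demo");
        Directory.CreateDirectory(dataDir);
        string cfg = Path.Combine(dataDir, "plugin.cfg");
        File.WriteAllText(cfg, "key=value");

        // Grant set for the sandbox: execute, plus read (not write) under dataDir.
        var grants = new PermissionSet(PermissionState.None);
        grants.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        grants.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, dataDir));

        var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
        // Assemblies loaded into this domain get only 'grants' unless listed as full-trust.
        AppDomain sandbox = AppDomain.CreateDomain("PluginSandbox", null, setup, grants);

        var plugin = (Plugin)sandbox.CreateInstanceAndUnwrap(
            typeof(Plugin).Assembly.FullName, typeof(Plugin).FullName);

        Console.WriteLine(plugin.ReadConfig(cfg)); // allowed by the Read grant

        try
        {
            plugin.Tamper(cfg); // Write was never granted: the demand fails
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("Blocked: " + ex.Message);
        }

        AppDomain.Unload(sandbox);
    }
}
```

This relies on AppDomain-based permission sets and only works on .NET Framework; CAS policy was deprecated in .NET Framework 4 and the mechanism does not exist in .NET Core / .NET 5+, so process-level isolation is the current equivalent.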