开发者

Are there commercially deployed and used .NET CAS (Code Access Security) based applications?

I've seen a couple threads here on SO that ask about what CAS is and how to use it.My specific is specifically focused on real-world usages of CAS.

For example:

  • DotNetNuke did some efforts in the past to be able to run under Medium Trust: is that still true? what is the % of DNN that run in partial trust (i.e. not full trust)? what & of DNN modules run in partial trust?)
  • Sharepoint defaults to a Partially-Trusted environment on dlls executed from the bin folder: How many 'commercia开发者_开发百科lly' available WebParts can run in this bin folder (without changing the policy)?

The key here is to be able to point to CAS success stories, so that other companies feel that they should also invest in writing CAS-enabled apps


I've found that IT Admins couldn't understand CAS or know that it actually existed. The Control Panel application is painful to use and differs in Operating System and .net editions.

Software Developers generally didn't understand the Microsoft CAS implemenation and over time it's not been made any easier to configure, deploy or manage. Considering we are 8 years into .net it's a fairly sad reflection on Microsofts attempts with Security with .net.


Since .NET 4 Beta 2, the policy portion of code access security (CAS) has been made obsolete. See Code Access Security Is No Longer Used in .NET 4 Beta 2. It's still an interesting feature of .NET to manage or enforce internal access rights, but any feature that relies on IT admins to sep policies would create confusion.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜