What is CAS (Code Access Security) in .NET, and how to achieve it? What are the benefits of using it?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
What is CAS (Code Access Security) in .NET, and how to achieve it? What are the benefits of using it?
In short, CAS is the security sandbox for .NET. Local apps typically have full trust which means they can do anything. .NET apps that are hosted in the browser can’t do much. In between, just about any security setting can be fine-tuned using CAS.
It’s benefits: great control over what .NET apps can do, even within the context of the logged in user. The best part about it, IMO, is that security checks walk the stack, so that even if some code has permission to do something, if that method was called by another program that doesn’t have permission to do something, that request will fail (unless special measures are taken).
The downsides: it’s a pretty complex beast to learn. Lots of gotchas.