
Declarative and Imperative Security to Protect Methods



Namespace: System.Security.Permissions

In declarative security, the compiler performs the security checks before the code runs, while in imperative security the code itself performs the security checks and acts accordingly.

Types of Method Permission Requests

There are six CAS method declarations:
Member name: Description
Assert: The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see Using the Assert Method). *
Demand: All callers higher in the call stack are required to have been granted the permission specified by the current permission object (see Security Demands). *
Deny: The ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see Using the Deny Method). *
InheritanceDemand: The derived class inheriting the class or overriding a method is required to have been granted the specified permission. [Checks at load time]
LinkDemand: The immediate caller is required to have been granted the specified permission. [Checks while JIT compiles]
PermitOnly: Only the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources (see Using the PermitOnly Method). *
RequestMinimum: The request for the minimum permissions required for code to run. This action can only be used within the scope of the assembly. ***
RequestOptional: The request for additional permissions that are optional (not required to run). This action can only be used within the scope of the assembly. ***
RequestRefuse: The request that permissions that might be misused will not be granted to the calling code. This action can only be used within the scope of the assembly. ***
* Checks at runtime
*** Checks at grant time

Guidelines for using Method Permissions:
1.     Use SecurityAction.PermitOnly to reduce the permission…
2.     Use SecurityAction.Deny to further refine granted permissions…
3.     Use CodeAccessPermission.PermitOnly to imperatively reduce permissions. This is important when calling third-party controls. Use CodeAccessPermission.RevertPermitOnly to restore the permissions.
4.     Use CodeAccessPermission.Assert to allow partially trusted code to call a method that requires a permission the caller might lack. Do use CodeAccessPermission.RevertAssert to restore the original permissions.
5.     Use CodeAccessPermission.Demand when your assembly implements custom functionality in unmanaged code.
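An added example (not from the original post) of guideline 3: the imperative PermitOnly / RevertPermitOnly pair wrapped around a call into third-party code. `IThirdPartyControl`, `ControlHost` and the `C:\App\Templates\` path are hypothetical, and the code assumes the .NET Framework, where CAS is enforced.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

// Hypothetical interface standing in for a third-party control.
public interface IThirdPartyControl
{
    string Render(string input);
}

public static class ControlHost
{
    // Hypothetical directory: the only resource the control may read.
    private const string TemplateDir = @"C:\App\Templates\";

    public static string RenderRestricted(IThirdPartyControl control, string input)
    {
        var allowed = new FileIOPermission(FileIOPermissionAccess.Read, TemplateDir);

        // From this frame down, any Demand for a permission outside
        // 'allowed' fails, even if the assembly's grant set includes it.
        allowed.PermitOnly();
        try
        {
            return control.Render(input);
        }
        catch (SecurityException)
        {
            // The control attempted something outside the permitted set.
            return string.Empty;
        }
        finally
        {
            // Remove the restriction for the rest of this method.
            CodeAccessPermission.RevertPermitOnly();
        }
    }
}
```

PermitOnly only affects stack walks that reach this frame: a callee whose own grant set includes a permission can still Assert it, so this narrows what a partially trusted control can do but does not contain fully trusted code.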

Techniques for demanding Permissions:
1.       Demand checks that all callers in the stack have the permission.
2.       LinkDemand checks only the immediate caller for the permission.

How to Imperatively Demand CAS Permissions:
Use the class that corresponds to the attribute; for example, for FileIOPermissionAttribute use the FileIOPermission class. For each security action these classes implement a method to gain or restrict the permission, e.g. FileIOPermission.Demand() is the alternative to SecurityAction.Demand.

Using imperative security checks, an application can fail more gracefully: catch the security exceptions and give the user clear messages and feedback.
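An added example (not from the original post) of an imperative demand whose failure is caught and turned into user feedback. `ReportReader` and `TryReadReport` are hypothetical names, and the code assumes the .NET Framework, where CAS is enforced.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Security;
using System.Security.Permissions;

public static class ReportReader
{
    // Returns true and the file text, or false and a user-facing message.
    public static bool TryReadReport(string path, out string textOrMessage)
    {
        try
        {
            // The path is only known at run time, which is why this demand is
            // imperative: attribute arguments must be compile-time constants.
            string fullPath = Path.GetFullPath(path);

            // Walks the call stack; throws SecurityException if any caller
            // lacks read access to this file. Demanding first fails before
            // any other work is started.
            new FileIOPermission(FileIOPermissionAccess.Read, fullPath).Demand();

            textOrMessage = File.ReadAllText(fullPath);
            return true;
        }
        catch (SecurityException ex)
        {
            // Keep the details for diagnostics; show the user a plain message.
            Trace.TraceWarning("Demand failed for {0}", ex.PermissionType);
            textOrMessage = "You do not have permission to open this report.";
            return false;
        }
    }
}
```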

Analyzing granted permissions:

To check whether a permission has been granted to the assembly, use System.Security.SecurityManager.IsGranted instead of Demand.

using System.Security;
using System.Security.Permissions;
if (SecurityManager.IsGranted(new FileIOPermission(FileIOPermissionAccess.Read, @"C:\windows")))
{
    // Can read
}
else
{
    // Can't read
}


How to declaratively limit method Permission:

[FileIOPermission(SecurityAction.Deny, ViewAndModify = @"C:\windows\")]

How to Imperatively Limit Method Permissions:

FileIOPermission vFilePermission = new FileIOPermission(FileIOPermissionAccess.AllAccess, @"C:\Windows\");

vFilePermission.Deny();

When catching and logging exceptions, gain the EventLogPermission first and, after logging the event, revert to the previous state.

How to improve performance while relaxing the permissions:

Try to use LinkDemand instead of Demand.
Use Assert carefully to bypass security checks….
To use Assert successfully, the assembly must have been granted the SecurityPermissionFlag.Assertion privilege.

Assert vouches for the callers and acquires the required permission if it can be granted to the assembly and method.

You can use Assert only once in a method; to assert multiple permissions, use a PermissionSet.
Assert doesn't override OS role-based security.
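An added example (not from the original post) combining the points above: a logging helper that asserts two permissions at once through a PermissionSet, since a method can hold only one Assert, and reverts in a finally block. `AuditLog`, the event source name and the log path are hypothetical; the code assumes the .NET Framework, an event source that is already registered, and an assembly granted SecurityPermissionFlag.Assertion plus both asserted permissions.

```csharp
using System;
using System.Diagnostics;
using System.IO;
using System.Security;
using System.Security.Permissions;

public static class AuditLog
{
    // Hypothetical values. They are constants on purpose: the asserted
    // resources are never chosen by the (possibly untrusted) caller.
    private const string Source = "SampleApp";
    private const string LogFile = @"C:\Logs\sampleapp.log";

    public static void Write(string message)
    {
        // Combine both permissions so a single Assert covers them.
        var needed = new PermissionSet(PermissionState.None);
        needed.AddPermission(
            new EventLogPermission(EventLogPermissionAccess.Write, "."));
        needed.AddPermission(
            new FileIOPermission(FileIOPermissionAccess.Append, LogFile));

        // Stops the stack walk here for these permissions, so callers
        // higher in the stack do not need them.
        needed.Assert();
        try
        {
            EventLog.WriteEntry(Source, message, EventLogEntryType.Warning);
            File.AppendAllText(LogFile, message + Environment.NewLine);
        }
        finally
        {
            // Restore the normal stack walk as soon as logging is done.
            CodeAccessPermission.RevertAssert();
        }
    }
}
```

Keep the asserted set as small as the operation needs and the code between Assert and RevertAssert as short as possible, because every callee in that window runs without the callers being checked for those permissions.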

How to call trusted code from partially trusted code:

By default, partially trusted code cannot call strong-named assemblies.

To allow partially trusted code to call your assembly method use the following attribute:

[assembly: AllowPartiallyTrustedCallers]

How to Use Permission Set:
 

