Chapter 17. Introduction: .NET Framework Security and Operating System Security

By Sebastian Lange

IN THIS CHAPTER

• A Roadmap for Administering the Security Context of Managed Code

• .NET Framework Security and Operating System Security Settings

The most powerful and elaborate security systems are useless unless they are configured correctly. Picking the right security settings that allow managed code to execute with a minimum of constraints while protecting resources and data from illicit access can be an art. This section will show you how to view, analyze, and modify the security settings impacting assemblies executed by the Common Language Runtime (CLR).

Starting from the ground up, you will find the following key points covered in this chapter:

• A scenario-driven roadmap to administer security for managed code, including a reading guide to other chapters

• How Windows security descriptor settings impact managed applications

• How the Code Access Security (CAS) configuration state is protected using Windows ACLs

• A short review of how to view and set ACLs

• An overview of the Windows Software Restriction Policies technology

• How Software Restriction Policies and the .NET Framework security system cooperate