By Sebastian Lange
IN THIS CHAPTER
Assemblies are the development and deployment unit in the world of managed code. Assemblies are also what Code Access Security (CAS) is designed around; they are the unit of security configuration and enforcement. Administrable Code Access Security policy grants permissions to assemblies. The Code Access Security infrastructure, in turn, enables APIs exposing resources such as registry or file system access to check that every calling assembly has been granted sufficient permissions to access the resource. However, were it possible for assemblies, by virtue of any information or code contained in the assembly file, to circumvent the CAS policy restrictions, the CAS system would not be an effective protection against erroneous or outright malicious code. It turns out that a number of checks are indeed prerequisites for Code Access Security to be effective. This chapter will introduce what these checks are and how they affect program development and deployment. In particular, the following concepts will be covered:
A brief overview of the structure and contents of assembly files
Introduction to validation
Why the managed PE/COFF file format must be validated and what mechanism is doing so
What metadata is
The metadata validation steps necessary to detect corrupted metadata that might circumvent security
Introduction to JIT-time verification, verifiability, and type safety
Considerations about writing unverifiable code
To understand the types of checks required to support Code Access Security, it is necessary to review what constitutes an assembly and how an assembly's content could pose a risk to security.