code-access-security

MSDN on this article says: CLR uses Code Access Security (CAS) in the .NET Framework, which is no longer supported as a security boundary. A CLR assembly created with PERMISSION_SET = SAFE may be able to access external system resources, call unmanaged code, and acquire sysadmin privileges. Beginning with SQL Server 2017, an sp_configure option called clr strict security is introduced to enhance the security of CLR assemblies. clr strict security is enabled by default, and treats SAFE and EXTERNAL_ACCESS assemblies as if they were marked UNSAFE. The clr strict security option can be disabled

For a product based GIT repository, wherein there are branches for maintenance, testing as well as future development, how do I control user access to these branches. By access, I mean that even though others may read from it, they should not be able to inadvertently push changes to the repo. For example, A - B - C - D - E - F -> master | | | V1 V2' exp | V2 "B" is the commit used for Branch with tag V1 - meant for released version of the product. Only support/maintenance engineers should have access to this. C is used for a recently frozen pre-release product V2' and should only allow

Warning: Newer versions of .Net and .Net core has have removed and/or changed “Code Access Security” (CAS) since this question was asked. Original Question: I am in the process of studying for the 70-536 .NET Framework - Application Development Foundation Exam , as I have been programming .net for many years, this should not be hard! However I am having to learn about “Code Access Security” (CAS), As I have never had a need to use or configure it, I was wondering if anyone else has found a real life usage for it? Please provide examples of when you have used CAS and it has been part of the

I am looking for a simple and secure way to access plugins from a .NET application. Although I imagine that this is a very common requirement, I am struggling to find anything that meets all my needs: The host application will discover and load its plugin assemblies at runtime Plugins will be created by unknown 3rd parties, so they must be sandboxed to prevent them from executing malicious code A common interop assembly will contain types that are referenced by both the host and its plugins Each plugin assembly will contain one or more classes that implement a common plugin interface When