[英]Assembly Declarative Security - Request Optional
I am trying to limit CAS privileges to one specific domain. 我试图将CAS特权限制到一个特定域。 I am doing this at the assembly level using the attribute syntax. 我正在使用属性语法在程序集级别执行此操作。 This assembly is run on the local machine and therefore the OS is granting the assembly full trust but I would expect the following to bomb. 该程序集在本地计算机上运行,因此OS授予程序集完全信任,但我希望以下内容会受到轰动。
Why does it not throw an exception when I connect to google? 当我连接到Google时,为什么它不会引发异常? Here is an example: 这是一个例子:
[assembly: WebPermission(SecurityAction.RequestOptional, ConnectPattern = @"http://msdn\.microsoft\.com/.*")]
class Program
{
private static WebClient client = new WebClient();
static void Main(string[] args)
{
try
{
PermissionSet permSet = new PermissionSet(PermissionState.None);
permSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Write, Environment.CurrentDirectory));
permSet.Demand();
//client.DownloadFile(@"http://msdn.microsoft.com/en-us/library/ms247123(VS.80).aspx", @"ms247123(VS.80).aspx");
client.DownloadFile(@"http://www.google.com", @"goole.htm");
}
catch
{
Console.WriteLine("Insuffcient Privaleges");
}
}
}
Notice the assembly CAS declaration. 注意装配CAS声明。 I am trying to restrict the WebPermissions to only domains that match this pattern http://msdn .microsoft.com/.* 我试图将WebPermissions限制为仅匹配此模式的域http:// msdn .microsoft.com /.*
What am I doing wrong? 我究竟做错了什么?
Thanks! 谢谢!
What Framework version are you using? 您正在使用哪个Framework版本? Framework 4.0 no longer enforces declarative security at the assembly level. Framework 4.0不再在程序集级别强制执行声明性安全性。
http://msdn.microsoft.com/en-us/library/ee191568.aspx http://msdn.microsoft.com/en-us/library/ee191568.aspx
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.