Stack Overflow
Stack Overflow

Questions tagged [code-access-security]

Code-access security is security specific to limiting access to or protecting source code, through the use of processes such as encryption, obfuscation, and more.

Code-access security is security specific to limiting access to or protecting source code, through the use of processes such as , , and more. The goal of code-access security is most often to protect functionality from competitors, to prevent reverse-engineering, or to preserve integrity of program communication protocols.

For more on obfuscation:

Note that security questions which are not about a specific programming problem may be better suited to our sister site, IT Security Stack Exchange.

337 questions
12
votes
1 answer

How to effectively author F# assemblies for partial trust?

Does anyone have experience with F# code in partial trust scenarios? As in, creating assemblies with []? I am working on a couple of projects that we need to be able to run in partial trust, and we have been trying to…
t0yv0
  • 4,714
  • 19
  • 36
11
votes
2 answers

Seeking alternative to AppDomain.CreateDomain(string, evidence) due to obsolete CAS policy

I am working through the Microsoft .Net Framework--Application Development Foundation Training Kit book Chapter 8 Lesson 2: Configuring Application Domains ShowWinIni being the assembly name for the program I want to execute object[] hostEvidence =…
Jesslyn
  • 696
  • 10
  • 25
9
votes
1 answer

build.gradle is secured from decompilation?

It is very easy to decompile the code and code is not secured even with the Proguard. What I required is to secure "key" in the app. Is build.gradle secured ? can it be decompiled ? buildConfigField "String", "Key", "\"1234567890\"" Update as per…
Vishal Khakhkhar
  • 2,106
  • 3
  • 29
  • 60
9
votes
2 answers

Detect IP address of GitHub commit

i'm the owner of a few corporate github repositories. Lately we have been suspicious of a developer who may be enlisting outsourced help through his borrowed github identity (many 4am commits in batches). Is there a way on github.com to determine…
joe mediocrity
  • 109
  • 1
  • 1
  • 3
9
votes
2 answers

Android: Is it safe to put a sensitive string in my Java code?

My application uses a number of API keys and URLs that I can't allow users to see. I've been putting them directly in the code, sometimes embedded in the method that uses them and sometimes in a class called MyVals that stores commonly used strings…
Scott
  • 3,663
  • 8
  • 33
  • 56
9
votes
1 answer

How to fix CA2123 (Override link demands should be identical to base) in a managed C++ / CLI project

I am not able to understand how to fix CA2123 for a C++/CLI project. Here is a sample project to demonstrate the issue: 1) Create a C# (.NET 4) Class Library ManagedClass.cs namespace CSharpLibrary { public interface IManagedClass { void…
Ganesh R.
  • 4,337
  • 3
  • 30
  • 46
8
votes
3 answers

loadFromRemoteSources error using Assembly.LoadFrom

I have the below code in a .Net 4 Winforms app which loads an assembly. All files are on a C:. There are numerous DLL's which work fine but two error with the following: An attempt was made to load an assembly from a network location which …
Jon
  • 38,814
  • 81
  • 233
  • 382
8
votes
1 answer

.NET Security Exception on a Network Share

We deploy our .NET applications by putting them on the LAN, and allowing users to run from there. We are part of a very large organization and do not have have admin rights to the individual computers, the servers, nor the domain. We don't even…
Andrew Neely
  • 908
  • 11
  • 19
8
votes
8 answers

What is the purpose CAS (Code Access Security)?

I have been a part of so many web applications but have never used CAS, perhaps have also never felt the need to use the same. When is the need to use CAS? Do people actually use it in their applications?
MOZILLA
  • 5,862
  • 14
  • 53
  • 59
8
votes
2 answers

Custom CodeAccessSecurityAttribute

I've created the following attribute: [Serializable] [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)] public class OperationPermissionAttribute : CodeAccessSecurityAttribute { private…
jgauffin
  • 99,844
  • 45
  • 235
  • 372
7
votes
2 answers

Assert Permissions in C#

I'm busy trying to understand the security stuff in c# and I'm struggling to see how Assert works. I'm using .net 3.5. I made a sample app to try figure this out. Calling method: [FileIOPermission(SecurityAction.Deny, ViewAndModify = @"C:\")] …
David Esteves
  • 1,614
  • 2
  • 15
  • 22
7
votes
3 answers

Problem using C# iterator methods with code access security

I have a simple method that uses an iterator block to return an IEnumerable: IEnumerable GetItems() { foreach (var item in Items) { yield return item; } } Ordinarily, this method works fine, but if I apply a…
Tim Coulter
  • 8,705
  • 11
  • 64
  • 95
7
votes
3 answers

How can I prevent unauthorized code from accessing my assembly in .NET 2.0?

In .NET 1.x, you could use the StrongNameIdentityPermissionAttribute on your assembly to ensure that only code signed by you could access your assembly. According to the MSDN documentation, In the .NET Framework version 2.0 and later, demands for…
Rob Prouse
  • 22,161
  • 4
  • 69
  • 89
7
votes
3 answers

Code Access Security is a joke?

I have just read about this article about Code Access Security. It has such an example in it: using System.Security.Permissions; public class MyFileAccessor { public MyFileAccessor(String path, bool readOnly) { path = MakeFullPath(path); //…
smwikipedia
  • 61,609
  • 92
  • 309
  • 482
7
votes
2 answers

How to inherit from DataAnnotations.ValidationAttribute (it appears SecureCritical under Visual Studio debugging host in .NET 4 !)

I have an [AllowPartiallyTrustedCallers] class library containing subtypes of the System.DataAnnotations.ValidationAttribute. The library is used on contract types of WCF services. In .NET 2/3.5, this worked fine. Since .NET 4.0 however, running a…
codetuner
  • 316
  • 3
  • 8
1
2
3
22 23