Stack Overflow
Stack Overflow

Questions tagged [code-access-security]

Code-access security is security specific to limiting access to or protecting source code, through the use of processes such as encryption, obfuscation, and more.

Code-access security is security specific to limiting access to or protecting source code, through the use of processes such as , , and more. The goal of code-access security is most often to protect functionality from competitors, to prevent reverse-engineering, or to preserve integrity of program communication protocols.

For more on obfuscation:

Note that security questions which are not about a specific programming problem may be better suited to our sister site, IT Security Stack Exchange.

337 questions
2
votes
1 answer

Issue with Code Access Security Policy - deploying a third party dll to bin

Okay, i think most of you guys out there use wspbuilder to build the wsp solutions and to deploy it. So here is my problem. I'm working on a SharePoint solution which makes use of a third party dll (Telerik for Asp.Net Ajax - Telerik.Web.UI.dll) for…
NLV
  • 21,141
  • 40
  • 118
  • 183
2
votes
1 answer

Question about Code Access Security (CAS)

I am studying the Code Access Security of .NET 2.0. My current understanding is as below: The basic mechanism of the CAS is for the CLR to collect certain evidences from the assembly, and then use the evidence and policy to work out a permission set…
smwikipedia
  • 61,609
  • 92
  • 309
  • 482
2
votes
1 answer

Sandbox exception "Derived types must either match the security accessibility of the base type or be less accessible."

I am getting the following error when I trying to enable code access security in a sandboxed app domain. Inheritance security rules violated by type: 'XXX'. Derived types must either match the security accessibility of the base type or be less…
Aditon
  • 63
  • 1
  • 7
2
votes
1 answer

SecuritySafeCriticalAttribute Not Working To Allow Partially Trusted Caller. What Am I Missing?

I'm running into a SecurityException calling one of my fully trusted methods: Attempt by security transparent method '(partially trusted method)' to access security critical method 'ContainerSingleton.GetExportedValue()'…
Colin
  • 4,025
  • 21
  • 40
2
votes
4 answers

Exists a replacement for the command-line-tool CASPOL.exe?

When trying to execute a .NET-App, it throws a "PolicyException", because "only one group is allowed". The tool should list existing settings, and allow to delete selected settings. Using caspol to list is not helpful, it is cruel. I've seen there…
tantran
  • 91
  • 6
2
votes
1 answer

How to obfuscate code using Polidea's iOS Class Guard?

Can any one tell me the steps to implement Polidea's iOS Class Guard in iOS project. I have gone through the following github link: https://github.com/Polidea/ios-class-guard I also gone through sample project. I only find a obfuscate_project file…
user3388273
  • 401
  • 3
  • 13
2
votes
1 answer

Risks of "Full" trust mode

We are facing the slow performance issue on SSRS 11 and .NET 4.5. A solution is to set trust mode to full in web.config. What are the risks of such modification?
Francois
  • 10,730
  • 7
  • 47
  • 80
2
votes
1 answer

is it safe to use rand for generating confirmation code ? php

when the user want to reset his password , I send to his email a 6 digits code, then I check if the user enter the matched code ! I am generating the code using rand function : $code = rand ( 100000, 999999 ); is it safe to do that ?
david
  • 3,310
  • 7
  • 36
  • 59
2
votes
2 answers

fine-grained permissions; PrincipalPermission - roles seperate from permissions;

I've been using PrincipalPermission for a while in wcf services. [PrincipalPermission(SecurityAction.Demand, Role = SecurityRoles.CanManageUsers)] Our roles are prefixed with: Can* and is how we achieve fine grained actions control with the built in…
Leblanc Meneses
  • 3,001
  • 1
  • 23
  • 26
2
votes
1 answer

Sandbox AppDomain cross-assembly exception handling

I have some issues with exceptions in a sandboxed app-domain. The code running in the sandbox is security transparent. I have a utility dll which allows partially trusted callers, and provide functionality to the sanboxed code. Its methods are…
Lorenzo Dematté
  • 7,638
  • 3
  • 37
  • 77
2
votes
3 answers

Best online reading to understand .NET Code Access Security?

I'm thinking about learning CAS, but I need to quickly grasp basic architecture, performance implications and if it at all suits my needs. What should I read?
Ilya Ryzhenkov
  • 11,782
  • 1
  • 40
  • 50
2
votes
0 answers

Code permissions evaluation within fully trusted assembly fails

I wanted to use reflection from my 'sandboxed' class Worker and caught behavior i cant propertly explain. If I dont add current assembly in FullTrustList while creating appdomain, then code runs ok. If I add current assembly in FullTrustList,…
garf1eld
  • 104
  • 6
2
votes
1 answer

How to restrict allowable callers of a method?

In C# 4.0+, is there a good way to restrict the allowable callers of a method, based on a method attribute? I naively thought this was what CAS was all about -- and now the changes in .NET 4.0 appear to say the new CAS is only applied at the…
RickNZ
  • 18,448
  • 3
  • 51
  • 66
2
votes
1 answer

Protect source code from hijacking iOS

Recently, I just saw my co-worker, who is an android developer, de-compiled an APK file and read all the source code. After some google search, I found it is possible to do it with an IPA file too. How can I protect my app from reverse engineering?…
Pham Hoan
  • 2,107
  • 2
  • 20
  • 34
2
votes
1 answer

.net 4.0 security model. Another "Inheritance security rules violated by type..." exception

I think I'm stuck with using .net 4.0 new security model. In general, I just want to load 3rd party assemblies into a sandbox. Sounds easy, right? Nevertheless... I have 2 projects in my solution: CrossAppDomain.exe and UntrustedCode.dll. In…
garf1eld
  • 104
  • 6
1 2 3
22 23