Code Access Securityãã®ï¼
CASãç解ããã«ã¯ãã¾ããã»ãã¥ãªãã£ããªã·ã¼ã®ä»çµã¿ãç解ããã®ãè¿éã§ããããªã·ã¼ã®è¨å®ã¯.NET Framework 2.0 Configurationãã¼ã«ããè¡ãã¾ãã(ã³ã³ããã¼ã«ããã«ï¼ããã©ã¼ãã³ã¹ã¨ã¡ã³ããã³ã¹ï¼ç®¡çãã¼ã«ï¼Microsoft .NET Framework 2.0 Configurationãå®è¡)
ãããªç»é¢ã表示ãããã¨æãã¾ãããã®ç»é¢ãè¦ãªãã話ãé²ãã¾ãã
ã»ãã¥ãªãã£ããªã·ã¼ã¯æ¬¡ã®ï¼ã¤ã®ã¬ãã«ã§æå®ãã¾ãã
- User
- Machine
- Enerprise
- AppDomain
ãã®ãã¡ããã¼ã«ã§è¨å®ããã®ã¯AppDomain以å¤ã®ï¼ã¤ã§ããåãããããããã§ã¯AppDomainã®ãã¨ã¯å¿ãã¾ããããããã©ã«ãã®è¨å®ã§ã¯UserãEnterpriseã«FullTrust(ä½ã§ãåºæ¥ã)ãè¨å®ãããMachineã®æ¨©éã¯å æ¥ã®æ¥è¨ã®éããå®è¡å ´æã«ãã£ã¦å¤ããã¾ãããã¼ã«ã«ãã£ã¹ã¯ããã®å ´åã¯ãFullTrustã§ããããã§ã¯ããã®ï¼ã¤ããæçµçãªããªã·ã¼ã¯ã©ã®ããã«æ±ºã¾ãã®ã§ããããï¼ å®ã¯ããã®ï¼ã¤ã®è«çç©ãããªã·ã¼ã¨ãªãã¾ããä¾ãã°ã
- User:権éA,Bãæã¤
- Machine:権é:B,Cãæã¤
- Enterprise:権é:A,B,Cãæã¤
ãã®å ´åãï¼è ã§å ±éã§ãã権éBã®ã¿æã¤ãã¨ã«ãªãã¾ãã
ã§ã¯ãã¡ãã£ã¨å®é¨ãã¦ã¿ã¾ãããã
using System;
using System.IO;
using System.Collections;
using System.Reflection;
using System.Runtime.Remoting;
using System.Security;
using System.Security.Cryptography.X509Certificates;
using System.Security.Permissions;
using System.Security.Policy;
static class Program {
public static void Main (string args) {
string path = AppDomain.CurrentDomain.BaseDirectory;
Url u = new Url (path);
Zone z = Zone.CreateFromUrl (path);
object e = {u, z};
Evidence evidence = new Evidence (e, null);
PermissionSet ps = SecurityManager.ResolvePolicy (evidence);
if (ps.IsUnrestricted ()) {
Console.WriteLine ("FullTrust");
}
else {
foreach (object o in ps) {
Console.WriteLine (o.GetType ());
}
}
}
}
ãããã³ã³ãã¤ã«ãã¦å®è¡ãã¦ã¿ã¾ãããã
$ app.exe FullTrust
ããã¨ããã®ããã«FullTrustã«ãªãã¾ãããUserãMachineãEnterpriseã¯FullTrustã§ãããã¨ãåããã¾ãããã§ã¯Userã®æ¨©éãEverythingã«ä¸ãã¦ã¿ã¾ãããã
ããããã£ãé¸ãã§ã
Permission Setã¿ãã§Everythingãé¸æãã¾ãã
ã§ã¯ããã®ç¶æ ã§app.exeãå®è¡ãã¦ã¿ã¦ãã ãããä»åº¦ã¯éãçµæã«ãªã£ãã¯ãã§ãã
$ app.exe System.Security.Permissions.EnvironmentPermission System.Security.Permissions.FileDialogPermission System.Security.Permissions.FileIOPermission System.Security.Permissions.IsolatedStorageFilePermission System.Security.Permissions.ReflectionPermission System.Security.Permissions.RegistryPermission System.Security.Permissions.SecurityPermission System.Security.Permissions.UIPermission System.Security.Permissions.UrlIdentityPermission System.Security.Permissions.ZoneIdentityPermission System.Security.Permissions.KeyContainerPermission System.Net.DnsPermission System.Drawing.Printing.PrintingPermission System.Net.SocketPermission System.Net.WebPermission System.Diagnostics.EventLogPermission System.Security.Permissions.StorePermission System.Diagnostics.PerformanceCounterPermission System.Data.OleDb.OleDbPermission System.Data.SqlClient.SqlClientPermission System.Security.Permissions.DataProtectionPermission
Everythingã®å 容ã表示ããã¾ãããMachineãEnterpriseã¯FullTrustã®ã¾ã¾ã§ããUsersãEverythingãªã®ã§ããã®è«çç©ãåã£ã¦Everythingã«ãªã£ãããã§ããã¡ãªã¿ã«ããã以ä¸æ¨©éãä¸ããã¨app.exeèªä½ãåããªããªãã®ã§æ³¨æã§ãã権éãç¡ãã¦ä¾å¤ãçºçããã®ãä¸åº¦ãããè¦ã¦ããã®ãè¯ãããã(^^;
ã»ãã¥ãªãã£ããªã·ã¼ã®å ¥ãå£ã¾ã§æ¥ã¾ããã次ã¯ã³ã¼ãã°ã«ã¼ãã«ã¤ãã¦ã§ãããã¾ã次åã»ã»ã»ã«ç¶ãããªï¼