[Mono-devel-list] Assembly Security

Jonathan Gilbert 2a5gjx302 at sneakemail.com
Thu Jul 22 02:38:04 EDT 2004


At 10:40 PM 21/07/2004 -0400, Matthew Metnetsky wrote:
>I'm developing a system where there is a class (CoreLogic) which is
>extremely important.  It provides all basic data access for every base
>model in my design.  Is there a way in C#/.NET to limit access to this
>class?  For instance, is there a way to make it so that other assemblies
>than the one CoreLogic sits in can only make use of _some_ methods?  If
>so, is there a way to specify via some sort of Key perhaps just how much
>access is given?  Trusted use (insert, update, delete, read) VS.
>Untrusted use (read).
>
>Looking through MSDN for this is making me go blind.  The info in the
>security namespaces is minimal and cryptic (at least to me).  
>
>Has anyone done something similar to what I propose above?  Where might
>I get started to find some of this out?

One trick you can do that is very generic and doesn't require any special
runtime support is to make an interface for accessing the protected
functionality and a publicly-accessible method to retrieve the interface
that returns an instance of some privately-defined object implementing the
interface. You can examine the current call stack (look up the StackTrace
and StackFrame classes) and verify that the call comes from one of the
allowed callers before you give the caller the object implementing the
interface. If you don't give them access to the interface, then there's
nothing they can do; just make sure that the object implementing the
interface is not actually exported from the assembly.

Does anyone see any holes in this scheme?

Jonathan




More information about the Mono-devel-list mailing list