[Mono-devel-list] Performance issues with security permissions
Miguel de Icaza
miguel at ximian.com
Tue Jan 25 15:00:19 EST 2005
> To avoid this the JIT _could_ produce code to replace SystemManager.
> SecurityEnabled by false when --security isn't enabled. In this case the
> permission creation/demand would be treated as dead code (and possibly
> totally removed by optimizations).
> ??? is it worth it ???
Before reading this paragraph I was just suggesting this.
At some point someone from a Microsoft team told me their painful
experiences with having the CAS be enabled by default for every
application and how much this hurt their performance, so I think that
this is absolutely worth it.
> We could also replace SystemManager.SecurityEnabled by false when it's
> false. I.e. true can become false, but false can't become true.
> This is a little more "funky" but it's a behavior of the MS runtime (at
> least for 1.0 and 1.1, didn't try with 2.0) that I didn't understand
> before today (not that I really tried to ;-).
> Short story: the MS runtime defaults SystemManager.
> SecurityEnabled to TRUE and you can switch it off anytime (if
> you have the rights to do so). However the results are
> "undefined" if you turn it back to TRUE.
Makes sense to me.
More information about the Mono-devel-list