[Mono-devel-list] Performance issues with security permissions

Miguel de Icaza miguel at ximian.com
Tue Jan 25 15:00:19 EST 2005

> To avoid this the JIT _could_ produce code to replace SystemManager.
> SecurityEnabled by false when --security isn't enabled. In this case the
> permission creation/demand would be treated as dead code (and possibly
> totally removed by optimizations).
> 	??? is it worth it ???

Before reading this paragraph I was just suggesting this.

At some point someone from a Microsoft team told me their painful
experiences with having the CAS be enabled by default for every
application and how much this hurt their performance, so I think that
this is absolutely worth it.

> We could also replace SystemManager.SecurityEnabled by false when it's
> false. I.e. true can become false, but false can't become true.
> This is a little more "funky" but it's a behavior of the MS runtime (at
> least for 1.0 and 1.1, didn't try with 2.0) that I didn't understand
> before today (not that I really tried to ;-).
>         Short story: the MS runtime defaults SystemManager.
>         SecurityEnabled to TRUE and you can switch it off anytime (if
>         you have the rights to do so). However the results are
>         "undefined" if you turn it back to TRUE.

Makes sense to me.


More information about the Mono-devel-list mailing list