Поделиться через


Dangerous Permissions and Policy Administration

Several of the protected operations for which the .NET Framework provides permissions can potentially allow the security system to be circumvented. These dangerous permissions should be given only to trustworthy code, and then only as necessary. There is usually no defense against malicious code if it is granted these permissions.

The dangerous permissions are explained in the following table.

Permission Potential risk
SecurityPermission    
UnmanagedCode Allows managed code to call into unmanaged code, which is often dangerous.
SkipVerification Without verification, the code can do anything.
ControlEvidence Invalidated evidence can fool security policy.
ControlPolicy The ability to modify security policy can disable security.
SerializationFormatter The use of serialization can circumvent accessibility mechanisms. For details, see Security and Serialization.
ControlPrincipal The ability to set the current principal can trick role-based security.
ControlThread Manipulation of threads is dangerous because of the security state associated with threads.
ReflectionPermission    
MemberAccess Can use private members to defeat accessibility mechanisms.

See Also

Secure Coding Guidelines