|
What is code-access security?- Code access security prevents systems from the code being accessed from unknown origins.
- It helps prevent trusted code from intentionally or accidentally compromising security.
- It allows code to be trusted based on permissions.
- It can reduce the lifelikeness of the code being malicious.
- It also reduces the extent to which a code can be trusted.
- Most common security mechanisms give rights to users based on their logon credentials (usually a password) and restrict resources (often directories and files) that the user is allowed to access.
- However, this approach fails to address several issues: users obtain code from many sources, some of which might be unreliable; code can contain bugs or vulnerabilities that enable it to be exploited by malicious code; and code sometimes does things that the user does not know it will do.
|
