|
What is Code-Access security?In normal scenarios, software use user credentials to execute code on a system. This can be harmful as malicious code running under the user’s credentials can cause harm to the system without the knowledge of the user. Alternatively, a security mechanism called Code-Access security exists, which allows code to be trusted to different levels depending upon the identity of the code or where it’s called from. This separates the code from the user’s permissions on a system and allows it to have its own set of permissions to execute operations on a system. This approach is much more effective in stopping malicious code to hack or misuse one’s code and perform operations on the system. One can set a list of actions the code can be allowed to perform and also a set of actions that the code should never be allowed to execute.
|
