为什么要使用CAS（C访问安全性$ C $）？ [英] Why to use CAS (Code Access Security)?

问题描述

我一直是这么多的Web应用程序的一部分，但从来没有使用CAS，或许也从来不觉得需要使用相同的。

I have been a part of so many web applications but have never used CAS, perhaps have also never felt the need to use the same.

当是需要使用CAS？人们是否真正使用它在他们的应用程序？

When is the need to use CAS? Do people actually use it in their applications?

推荐答案

我想我必须要在旷野中孤独的声音，不同意在这里的其他反应。
正如我阐述了<一href="http://stackoverflow.com/questions/170844/anyone-really-using-$c$c-access-security-to-protect-their-assemblies-and-or-metho/171235#171235">my回答以一个类似的问题几个月前，有特定的场景中CAS的是的一段路要走。当然，这仅适用，如果你是非常安全意识和处理的是一个敏感的系统，并考虑到这只是提供附加防御层，你可能拿不到的地方，你需要这个，直到地方你解决所有其他严重问题，在您的应用程序。
此外，中科院给你限制你的应用程序可以做的，不只是你的用户的能力，并以非常精细的方式。

I guess I have to be the lone voice in the wilderness, and disagree with the other responders here.
As I elaborated in my answer to a similar question a few months ago, there are specific scenarios where CAS is the way to go. Of course, this only applies if you're very security-conscious and dealing with a sensitive system, AND taking into account that this simply provides an additional layer of defense, you're probably not gonna get to the place where you need this till you fix all the other serious issues in your application.
Again, CAS gives you the capability to limit what your APPLICATION can do, not just your users, and in a very granular way.

这篇关于为什么要使用CAS（C访问安全性$ C $）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！