DOCSLIB.ORG

MCTS Self-Paced Training Kit (Exam 70-536): Microsoft .NET Framework 2.0--Application Development Foundation Ebook

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
MCTS Self-Paced Training Kit (Exam 70-536): Microsoft .NET Framework 2.0--Application Development Foundation Ebook Chapter 11 Application Security Everyone has heard that you shouldn’t log on to your computer as an Administrator. The reason isn’t because you don’t trust yourself not to delete your hard drive; it’s because you don’t trust the applications you run. When you run an unmanaged appli­ cation in Microsoft Windows Server 2003, Microsoft Windows XP, and earlier ver­ sions of Windows, that code gets all the privileges your user account has. If you accidentally run a virus or a Trojan horse, the application can do anything your user account has permissions to do. So you are forced to log on with minimal privileges to restrict application permissions. Code access security (CAS), a concept that the .NET Framework introduced to Win­ dows, enables you to control the permissions that individual applications have. If a friend sends you a new .NET Framework text editor, you can restrict it to opening a window and prompting you to open and save files—and nothing else. The text edited wouldn’t be able to send e-mails, upload files to a Web site, or create files, even if you are logged on as an Administrator. CAS enables users to restrict on a very granular level what managed code can do. As a developer, you must understand how to create applications that work even when some permissions are restricted. You can also use CAS to improve your application’s security by restricting which callers can use your code and forcibly limiting your appli­ cation to a restricted permission set. Exam objectives in this chapter: ■ Implement code access security to improve the security of a.NET Framework application. (Refer System.Security namespace) ❑ SecurityManager class ❑ CodeAccessPermission class ❑ Modify the Code Access Security Policy at the computer, user, and enter­ prise level by using the Code Access Security Policy tool (Caspol.exe). ❑ PermissionSet class and NamedPermissionSet class ❑ Standard Security interfaces 627 628 Chapter 11 Application Security ■ Control permissions for resources by using the System.Security.Permission classes. (Refer System.Security.Permission namespace) ❑ SecurityPermission class ❑ PrincipalPermission class ❑ FileIOPermission class ❑ StrongNameIdentityPermission class ❑ UIPermission class ❑ UrlIdentityPermission class ❑ PublisherIdentityPermission class ❑ GacIdentityPermission class ❑ FileDialogPermission class ❑ DataProtectionPermission class ❑ EnvironmentPermission class ❑ IUnrestrictedPermission interface ❑ RegistryPermission class ❑ IsolatedStorageFilePermission class ❑ KeyContainerPermission class ❑ ReflectionPermission class ❑ StorePermission class ❑ SiteIdentityPermission class ❑ ZoneIdentityPermission class ■ Control code privileges by using System.Security.Policy classes. (Refer System.Security.Policy namespace) ❑ ApplicationSecurityInfo class and ApplicationSecurityManager class ❑ ApplicationTrust class and ApplicationTrustCollection class ❑ Evidence class and PermissionRequestEvidence class ❑ CodeGroup class, FileCodeGroup class, FirstMatchCodeGroup class, NetCode- Group class, and UnionCodeGroup class ❑ Condition classes Before You Begin 629 ❑ PolicyLevel class and PolicyStatement class ❑ IApplicationTrustManager interface, IMembershipCondition interface, and IIdentityPermissionFactory interface Lessons in this chapter: ■ Lesson 1: Understanding Code Access Security . 630 ■ Lesson 2: Using Declarative Security to Protect Assemblies. 658 ■ Lesson 3: Using Declarative and Imperative Security to Protect Methods. 672 Before You Begin To complete the lessons in this chapter, you should be familiar with Microsoft Visual Basic or C# and be comfortable with the following tasks: ■ Create a console application in Microsoft Visual Studio using Visual Basic or C#. ■ Add references to system class libraries to a project. ■ Write to files and streams. 630 Chapter 11 Application Security Lesson 1: Understanding Code Access Security If you have worked with previous versions of the .NET Framework, you might already be familiar with code access security (CAS) concepts. If you have been a Microsoft Windows developer but haven’t previously used the .NET Framework, using CAS requires you to understand completely novel security concepts. This lesson describes the concept behind CAS and each of the components that the .NET Framework uses to implement CAS. After this lesson, you will be able to: ■ Describe the purpose of CAS. ■ List the four most important elements of CAS and the significance of each. ■ Describe how security policy defines an assembly’s permission set. ■ Explain how CAS works with operating system security. ■ Use the .NET Framework Configuration tool to configure CAS. ■ Use Caspol to configure CAS. Estimated lesson time: 60 minutes What Is Code Access Security? Code access security (CAS) is a security system that allows administrators and develop­ ers to control application authorization similar to the way they have always been able to authorize users. With CAS, you can allow one application to read and write to the registry, while restricting access for a different application. You can control authoriza­ tion for most of the same resources you’ve always been able to restrict using the oper­ ating system’s role-based security (RBS), including the following: ■ The file system ■ The registry ■ Printers ■ The event logs You can also restrict resources that you can’t control using RBS. For example, you can control whether a particular application can send Web requests to the Internet or whether an application can make DNS requests. These are the types of requests that Lesson 1: Understanding Code Access Security 631 malicious applications are likely to make to abuse a user’s privacy, so it makes sense that CAS allows you to restrict those permissions. Unfortunately, CAS can be applied only to managed applications that use the .NET Framework runtime. Unmanaged applications run without any CAS restrictions and are limited only by the operating system’s RBS. If CAS is used to restrict the permis­ sions of an assembly, the assembly is considered partially trusted. Partially trusted assemblies must undergo CAS permission checks each time they access a protected resource. Some assemblies are exempt from CAS checks and are considered fully trusted. Fully trusted assemblies, like unmanaged code, can access any system resource that the user has permissions to access. Elements of Code Access Security Every security system needs a way to identify users and determine what a user can and can’t do, and CAS is no exception. However, because CAS identifies and assigns permissions to applications rather than to people, it can’t use the user names, pass­ words, and access control lists (ACLs) that you’re accustomed to. Instead, CAS identifies assemblies using evidence. Each piece of evidence is a way that an assembly can be identified, such as the location where the assembly is stored, a hash of the assembly’s code, or the assembly’s signature. An assembly’s evidence determines which code group it belongs to. Code groups, in turn, grant an assembly a permission set. The sections that follow describe each of these components in more detail. What Is Evidence? Evidence is the information that the runtime gathers about an assembly to determine which code groups the assembly belongs to. Common forms of evidence include the folder or Web site from which the assembly is running and digital signatures. NOTE Evidence: a misnomer Identification might be a better term than evidence. Evidence sounds like a set of clues you use to track down someone who didn’t want to be identified. In CAS, evidence is used just like a person’s passport, password, and PIN—information that proves identity and describes an individual as deserving a certain level of trust. Table 11-1 shows the common types of evidence that a host can present to the run­ time. Each row corresponds to a member class of the System.Security.Policy namespace. 632 Chapter 11 Application Security Table 11-1 Evidence Types Evidence Description Application directory The directory in which the assembly resides. Hash The cryptographic hash of the assembly, which uniquely identifies a specific version of an assembly. Any modifica­ tions to the assembly make the hash invalid. Publisher The assembly’s publisher’s digital signature, which uniquely identifies the software developer. Using Pub­ lisher evidence requires the assembly to be signed. Site The site from which the assembly was downloaded, such as www.microsoft.com. Strong Name The cryptographic strong name of the assembly, which uniquely identifies the assembly’s namespace. The assem­ bly must be signed to use Strong Name evidence. URL The URL from which the assembly was downloaded, such as www.microsoft.com/assembly.exe. Zone The zone in which the assembly is running, such as the Internet zone or the LocalIntranet zone. There are two types of evidence: host evidence and assembly evidence. Host evidence describes the assembly’s origin, such as the application directory, URL, or site. Host evidence can also describe the assembly’s identity, such as the hash, publisher, or strong name. Assembly evidence is custom user- or developer-provided evidence. What Is a Permission? A permission is a CAS access control entry. For example, the File Dialog permission determines whether an assembly can prompt the user with the Open dialog box, the Save dialog box, both, or neither. Figure 11-1 shows the File Dialog permission being configured. By default, 19 permissions are available for configuration in the .NET Framework Configuration tool. Each corresponds
Load more

Recommended publications
  • Configure .NET Code-Access Security
    © 2002 Visual Studio Magazine Fawcette Technical Publications Issue VSM November 2002 Section Black Belt column Main file name VS0211BBt2.rtf Listing file name -- Sidebar file name -- Table file name VS0211BBtb1.rtf Screen capture file names VS0211BBfX.bmp Infographic/illustration file names VS0211BBf1,2.bmp Photos or book scans ISBN 0596003471 Special instructions for Art dept. Editor LT Status TE’d3 Spellchecked (set Language to English U.S.) * PM review Character count 15,093 + 1,162 online table Package length 3.5 (I think, due to no inline code/listings) ToC blurb Learn how to safely grant assemblies permissions to perform operations with external entities such as the file system, registry, UIs, and more. ONLINE SLUGS Name of Magazine VSM November 2002 Name of feature/column/department Black Belt column 180-character blurb Learn how to safely grant assemblies permissions to perform operations with external entities such as the file system, registry, UIs, and more. 90-character blurb Learn how to safely grant assemblies permissions to perform operations with external entities. 90-character blurb describing download NA Locator+ code for article VS0211BB_T Photo (for columnists) location On file TITLE TAG & METATAGS <title> Visual Studio Magazine – Black Belt - Secure Access to Your .NET Code Configure .NET Code-Access Security </title> <!-- Start META Tags --> <meta name="Category" content=" .NET "> <meta name="Subcategory" content=" C#, Visual Basic .NET "> <meta name="Keywords" content=" .NET, C#, Visual Basic .NET, security permission, security evidence, security policy, permission sets, evidence, security, security permission stack walk, custom permission set, code group "> [[ Please check these and add/subtract as you see fit .]] <meta name="DESCRIPTION" content=" Learn how to grant assemblies permissions to perform operations with external entities such as the file system, registry, UIs, and more.
    [Show full text]
  • NET Framework
    Advanced Windows Programming .NET Framework based on: A. Troelsen, Pro C# 2005 and .NET 2.0 Platform, 3rd Ed., 2005, Apress J. Richter, Applied .NET Frameworks Programming, 2002, MS Press D. Watkins et al., Programming in the .NET Environment, 2002, Addison Wesley T. Thai, H. Lam, .NET Framework Essentials, 2001, O’Reilly D. Beyer, C# COM+ Programming, M&T Books, 2001, chapter 1 Krzysztof Mossakowski Faculty of Mathematics and Information Science http://www.mini.pw.edu.pl/~mossakow Advanced Windows Programming .NET Framework - 2 Contents The most important features of .NET Assemblies Metadata Common Type System Common Intermediate Language Common Language Runtime Deploying .NET Runtime Garbage Collection Serialization Krzysztof Mossakowski Faculty of Mathematics and Information Science http://www.mini.pw.edu.pl/~mossakow Advanced Windows Programming .NET Framework - 3 .NET Benefits In comparison with previous Microsoft’s technologies: Consistent programming model – common OO programming model Simplified programming model – no error codes, GUIDs, IUnknown, etc. Run once, run always – no "DLL hell" Simplified deployment – easy to use installation projects Wide platform reach Programming language integration Simplified code reuse Automatic memory management (garbage collection) Type-safe verification Rich debugging support – CLR debugging, language independent Consistent method failure paradigm – exceptions Security – code access security Interoperability – using existing COM components, calling Win32 functions Krzysztof
    [Show full text]
  • INTRODUCTION to .NET FRAMEWORK NET Framework .NET Framework Is a Complete Environment That Allows Developers to Develop, Run, An
    INTRODUCTION TO .NET FRAMEWORK NET Framework .NET Framework is a complete environment that allows developers to develop, run, and deploy the following applications: Console applications Windows Forms applications Windows Presentation Foundation (WPF) applications Web applications (ASP.NET applications) Web services Windows services Service-oriented applications using Windows Communication Foundation (WCF) Workflow-enabled applications using Windows Workflow Foundation (WF) .NET Framework also enables a developer to create sharable components to be used in distributed computing architecture. NET Framework supports the object-oriented programming model for multiple languages, such as Visual Basic, Visual C#, and Visual C++. NET Framework supports multiple programming languages in a manner that allows language interoperability. This implies that each language can use the code written in some other language. The main components of .NET Framework? The following are the key components of .NET Framework: .NET Framework Class Library Common Language Runtime Dynamic Language Runtimes (DLR) Application Domains Runtime Host Common Type System Metadata and Self-Describing Components Cross-Language Interoperability .NET Framework Security Profiling Side-by-Side Execution Microsoft Intermediate Language (MSIL) The .NET Framework is shipped with compilers of all .NET programming languages to develop programs. Each .NET compiler produces an intermediate code after compiling the source code. 1 The intermediate code is common for all languages and is understandable only to .NET environment. This intermediate code is known as MSIL. IL Intermediate Language is also known as MSIL (Microsoft Intermediate Language) or CIL (Common Intermediate Language). All .NET source code is compiled to IL. IL is then converted to machine code at the point where the software is installed, or at run-time by a Just-In-Time (JIT) compiler.
    [Show full text]
  • Diploma Thesis
    Faculty of Computer Science Chair for Real Time Systems Diploma Thesis Porting DotGNU to Embedded Linux Author: Alexander Stein Supervisor: Jun.-Prof. Dr.-Ing. Robert Baumgartl Dipl.-Ing. Ronald Sieber Date of Submission: May 15, 2008 Alexander Stein Porting DotGNU to Embedded Linux Diploma Thesis, Chemnitz University of Technology, 2008 Abstract Programming PLC systems is limited by the provided libraries. In contrary, hardware-near programming needs bigger eorts in e. g. initializing the hardware. This work oers a foundation to combine advantages of both development sides. Therefore, Portable.NET from the DotGNU project has been used, which is an im- plementation of CLI, better known as .NET. The target system is the PLCcore- 5484 microcontroller board, developed by SYS TEC electronic GmbH. Built upon the porting, two variants to use interrupt routines withing the Portabe.NET runtime environment have been analyzed. Finally, the reaction times to occuring interrupt events have been examined and compared. Die Programmierung für SPS-Systeme ist durch die gegebenen Bibliotheken beschränkt, während hardwarenahe Programmierung einen gröÿeren Aufwand durch z.B. Initialisierungen hat. Diese Arbeit bietet eine Grundlage, um die Vorteile bei- der Entwicklungsseiten zu kombinieren. Dafür wurde Portable.NET des DotGNU- Projekts, eine Implementierung des CLI, bekannter unter dem Namen .NET, be- nutzt. Das Zielsystem ist das PLCcore-5484 Mikrocontrollerboard der SYS TEC electronic GmbH. Aufbauend auf der Portierung wurden zwei Varianten zur Ein- bindung von Interrupt-Routinen in die Portable.NET Laufzeitumgebung untersucht. Abschlieÿend wurden die Reaktionszeiten zu eintretenden Interrupts analysiert und verglichen. Acknowledgements I would like to thank some persons who had inuence and supported me in my work.
    [Show full text]
  • Doc:Docu.Xml a File.Cs Mcs -Doc:Docu.Xml a File.Cs
    Chair of Software Engineering Java and C# in depth Carlo A. Furia, Marco Piccioni, Bertrand Meyer C#: framework overview and in-the-small features Chair of Software Engineering Java and C# in depth Carlo A. Furia, Marco Piccioni, Bertrand Meyer C#: framework overview What’s in a name Internal name of initial project: Cool (C-like Object Oriented Language) . Ruled out by the trademark lawyers Chief C# architect at Microsoft: Anders Hejlsberg . Previously on Turbo Pascal & Delphi Grounded in the .NET platform and CLI (Common Language Infrastructure) “An imitation of Java” . According to Java’s Bill Gosling Version 1.0: 2001 Latest version: 5.0 (.NET Framework 4.5) (6.2013) Java and C# in depth 3 C# platform goals (from ECMA standard) . Simple, general-purpose, object-oriented . Correct and robust . strong type checking, array bounds checking, detecting usage of uninitialized variables, automated memory management, ... Component- and reusability-oriented . Programmer-portable . easy for developers coming from C/C++ and from other .NET languages . No direct competition with C in terms of performance . Introduction of selected functional programming features . Main motivation: dealing with data conveniently Java and C# in depth 4 CLI: Common Language Infrastructure • An open specification describing the executable code and runtime environment forming the .NET framework • Implementations: MS .NET/CLR, MS .NET Compact framework (portable devices and Xbox 360), MS Silverlight (browsers), Mono (cross-platform). Java and C# in depth 5 CIL and Assemblies . C# compilation produces CIL (Common Intermediate Language) code . Instruction set similar to Java bytecode . object-oriented stack-based assembly code . richer type system, real generics vs.
    [Show full text]
  • NIST SP 800-28 Version 2 Guidelines on Active Content and Mobile
    Special Publication 800-28 Version 2 (Draft) Guidelines on Active Content and Mobile Code Recommendations of the National Institute of Standards and Technology Wayne A. Jansen Theodore Winograd Karen Scarfone NIST Special Publication 800-28 Guidelines on Active Content and Mobile Version 2 Code (Draft) Recommendations of the National Institute of Standards and Technology Wayne A. Jansen Theodore Winograd Karen Scarfone C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 March 2008 U.S. Department of Commerce Carlos M. Gutierrez, Secretary National Institute of Standards and Technology James M. Turner, Acting Director GUIDELINES ON ACTIVE CONTENT AND MOBILE CODE Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-28 Version 2 Natl. Inst. Stand. Technol. Spec. Publ.
    [Show full text]
  • Pro Visual C++/CLI and the .NET 2.0 Platform
    Pro Visual C++/CLI and the .NET 2.0 Platform ■■■ Stephen R. G. Fraser Pro Visual C++/CLI and the .NET 2.0 Platform Copyright © 2006 by Stephen R.G. Fraser All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. ISBN: 1-59059-640-4 Library of Congress Cataloging-in-Publication data is available upon request. Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1 Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. Lead Editor: Ewan Buckingham Technical Reviewer: Don Reamey Editorial Board: Steve Anglin, Dan Appleman, Ewan Buckingham, Gary Cornell, Tony Davis, Jason Gilmore, Jonathan Hassell, Chris Mills, Dominic Shakeshaft, Jim Sumser Project Managers: Laura Cheu, Richard Dal Porto Copy Edit Manager: Nicole LeClerc Copy Editors: Freelance Editorial Services, Ami Knox, Liz Welch Assistant Production Director: Kari Brooks-Copony Production Editor: Katie Stence Compositor: Susan Gilnert Proofreader: Elizabeth Berry Indexer: John Collin Artist: April Milne Interior Designer: Van Winkle Design Group Cover Designer: Kurt Krames Manufacturing Director: Tom Debolski Distributed to the book trade worldwide by Springer-Verlag New York, Inc., 233 Spring Street, 6th Floor, New York, NY 10013.
    [Show full text]
  • J2EE and .Net Security
    J2EE and .Net security 1. Introduction 1.1. Document Revision History Author Document Last Modified Note Version Date Ger Mulcahy 1.2 12/02/2002 Third draft Ger Mulcahy 1.1 01/02/2002 Added information on JAAS, JSSE, Project Liberty, DotGNU, etc. Ger Mulcahy 1.0 21/01/2002 Second Draft – added contributors Ger Mulcahy 0.1 04/01/2002 First draft 1.1.1. Contributors My thanks to the following for their assistance with this article: Alan Danziger, Mark Curphey, Alan Faber, Elias Levy, Tony Northrup 1.2. Overview A number of general comparative articles have been written discussing the pros and cons of these two competing technological platforms. The intention of this paper is to discuss J2EE and .Net at a high level from a security perspective, examining the tools and methodologies the platforms use to provide secure development and deployment environments. This introduction section covers a brief, incomplete discussion of key features of both platforms. It will not discuss areas that are not analogous between platforms. For more information on both, see the references section of this document. Note that .Net is a product platform, whereas J2EE is a standard specification, which is implemented to varying degrees of fidelity by a number of vendors. For this reason, direct comparisons may be difficult in certain areas without going into vendor specifics. For the purposes of this article no real distinction is made between .Net and the .Net Framework, which forms one part of the .Net strategy. While Microsoft is pushing .Net as their strategy for Web Services, this document will not discuss the two platforms from the point of view of Web Services, nor does it describe COM+, as this is not part of the .Net Framework.
    [Show full text]
  • An Overview of Security in the .NET Framework
    An Overview of Security in the .NET Framework (also at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/netframesecover.asp, but may be dated) Dr. Demien Watkins, Project 42 Sebastian Lange, Microsoft Corporation January 2002 Summary: The fundamental features in the Microsoft .NET Framework security system are profiled, including the ability to confine code to run in tightly constrained, administrator-defined security contexts for a dynamic download and execution, and remote execution, model. Introduction Security is one of the most important issues to consider when moving from traditional program development, where administrators often install software to a fixed location on a local disk, to an environment that allows for dynamic downloads and execution and even remote execution. To support this model, the Microsoft .NET Framework provides a rich security system, capable of confining code to run in tightly constrained, administrator-defined security contexts. This paper examines some of the fundamental security features in the .NET Framework. Many security models attach security to users and their groups (or roles). This means that users, and all code run on behalf of these users, are either permitted or not permitted to perform operations on critical resources. This is how security is modeled in most operating systems. The .NET Framework provides a developer defined security model called role-based security that functions in a similar vein. Role Based Security’s principal abstractions are Principals and Identity. Additionally, the .NET Framework also provides security on code and this is referred to as code access security (also referred to as evidence-based security).
    [Show full text]
  • NET Framework Overview
    .NET Framework Overview .NET Framework, CLR, MSIL, Assemblies, CTS, etc. Svetlin Nakov Telerik Corporation www.telerik.com Table of Contents 1. What is .NET? Microsoft .NET platform architecture 2. What is .NET Framework? .NET Framework Architecture 3. Common Language Runtime (CLR) 4. Managed Code 5. Intermediate Language MSIL 6. Assemblies and Metadata 7. .NET Applications Table of Contents (2) 8. Common Language Infrastructure (CLI) and integration of different languages Common Language Specification (CLS) Common Type System (CTS) 9. Framework Class Library 10. Integrated Development Environment Visual Studio .NET Framework Microsoft's Platform for Application Development What is the .NET Platform? The .NET platform Microsoft's platform for software development Unified technology for development of almost any kind of applications GUI / Web / RIA / mobile / server / cloud / etc. .NET platform versions .NET Framework Silverlight / Windows Phone 7 .NET Compact Framework What is .NET Framework? .NET Framework An environment for developing and executing .NET applications Unified programming model, set of languages, class libraries, infrastructure, components and tools for application development Environment for controlled execution of managed code It is commonly assumed that .NET platform == .NET Framework .NET Framework Components Common Language Runtime (CLR) Environment for controlled execution of programmed code – like a virtual machine Executes .NET applications Framework Class Library (FCL) Standard class library
    [Show full text]
  • NET CLR Framework
    .NET CLR Framework Unmanaged Hosts - Assembly Access ptrex 8/08/2017 .NET CLR Framework WHAT : is .NET Common Language Runtime (CLR) Framework • The Common Language Runtime (CLR) is a an Execution Environment. Common Language Runtime (CLR)'s main tasks are to convert the .NET Managed Code to native code, manage running code like a Virtual Machine, and also controls the interaction with the Operating System. • As part of Microsoft's .NET Framework, the Common Language Runtime (CLR) is managing the execution of programs written in any of several supported languages. Allowing them to share common object- oriented classes written in any of the languages. ptrex 8/08/2017 .NET CLR Framework WHAT : is .NET Common Language Runtime (CLR) Framework • The Common Language Runtime (CLR) has the following key components in .NET • Automatic Memory Management • Garbage Collection • Code Access Security • Code Verification • JIT Compilation of .NET code For more details see here : http://www.csharpstar.com/top-20-dotnet-framework-interview-questions/ ptrex 8/08/2017 .NET CLR Framework HOW : To access the CLR environment. You need to create an Appdomain Object in your unmanaged environment, An Appdomain provides an isolated region in which code runs inside of an existing process. • Application domains provide an isolation boundary for security, reliability, and versioning, and for unloading assemblies. Application domains are typically created by runtime hosts, which are responsible for bootstrapping the common language runtime before an application is run. • In AutoIT you can call the _CLR_GetDefaultDomain() function which is located in the CLR UDF ptrex 8/08/2017 .NET CLR Framework WHAT : is a .NET Appdomain • AppDomain is designed to be called by unmanaged code, and it allows a host to inject an assembly in the current process.
    [Show full text]
  • Net Framework
    1 .NET FRAMEWORK 1. What is .NET Framework? 1 .NET Framework is a complete environment that allows developers to develop, run, and deploy the following applications: Console applications Windows Forms applications Windows Presentation Foundation (WPF) applications Web applications (ASP.NET applications) Web services Windows services Service-oriented applications using Windows Communication Foundation (WCF) Workflow-enabled applications using Windows Workflow Foundation (WF) .NET Framework also enables a developer to create sharable components to be used in distributed computing architecture. NET Framework supports the object-oriented programming model for multiple languages, such as Visual Basic, Visual C#, and Visual C++. .NET Framework supports multiple programming languages in a manner that allows language interoperability. This implies that each language can use the code written in some other language. 2. What are the main components of .NET Framework? .NET Framework provides enormous advantages to software developers in comparison to the advantages provided by other platforms. Microsoft has united various modern as well as existing technologies of software development in .NET Framework. These technologies are used by developers to develop highly efficient applications for modern as well as future business needs. The following are the key components of .NET Framework: .NET Framework Class Library Common Language Runtime Dynamic Language Runtimes (DLR) Application Domains Runtime Host Common Type System Metadata and
    [Show full text]