which country user step here?

Tag Cloud

MOSS (47) SharePoint 2007 (37) SharePoint 2013 (23) SharePoint 2010 (22) MOSS admin (17) admin (17) PowerShell (16) developer (16) List (15) WSS (14) MOSS SP2 (13) sql query (13) end user (11) scripting (11) wss V3 (11) Moss issue (8) search (8) permission (7) sql (7) Service Pack (6) database (6) reportadmin (6) workflow (6) Excel (5) client object model (5) CU (4) Client Code (4) Command (4) Cumulative Updates (4) Patch (4) SharePoint designer (4) stsadm (4) ASP.NET (3) Content Database (3) Groove (3) Host Named Site Collections (HNSC) (3) IIS (3) RBS (3) Tutorial (3) alert (3) batch file (3) codeplex (3) error (3) incomming email (3) restore (3) upload (3) Caching (2) Folder (2) Index (2) Internet (2) News (2) People Picker (2) Share Document (2) View (2) Web Development with ASP.NET (2) authentication (2) coding (2) column (2) deploy solution (2) domain (2) download (2) enumsites (2) exam (2) export (2) issue (2) june CU (2) mySites (2) network (2) office 365 (2) orphan site (2) performance (2) profile (2) project server (2) query (2) server admin (2) theme (2) timer job (2) training (2) user porfile (2) web master (2) web.config (2) wsp (2) 70-346 (1) 70-630 (1) AAM (1) Anonymous (1) Approval (1) Cerificate (1) Consultants (1) Content Deployment (1) Content Type (1) DOS (1) Document Library (1) Drive Sapce (1) Excel Services (1) Export to Excel (1) Feature (1) GAC (1) Get-SPContentDatabase (1) Get-WmiObject (1) HTML calculated column (1) ISA2006 (1) IT Knowledge (1) ITIL (1) Install (1) Link (1) MCTS (1) Macro (1) Migration (1) My Site Cleanup Job (1) My Sites (1) NLBS (1) Nintex (1) Office (1) Open with Explorer (1) ROIScan.vbs (1) Reporting Services (1) SPDisposeCheck.exe (1) SQL Instance name (1) SSRS (1) SharePoint farm (1) Shared Services Administration (1) Site Collection Owner (1) Site template (1) Steelhead (1) URLSCAN (1) VLOOKUP (1) WSS SP2 (1) XCOPY (1) add user (1) admi (1) app (1) application pool (1) aspx (1) audit (1) availabilty (1) backup (1) binding (1) blob (1) branding sharepoint (1) cache (1) calendar (1) connection (1) copy file (1) counter (1) crawl (1) custom list (1) event (1) excel 2013 (1) facebook (1) filter (1) fun (1) group (1) iis log (1) import (1) import list (1) improment (1) interview (1) keberos (1) load balance (1) log in (1) metada (1) migrate (1) mossrap (1) onedrive for business (1) operation (1) process (1) publishing feature (1) resource (1) security (1) send email (1) size (1) sps2003 (1) sql201 (1) sub sites (1) system (1) table (1) task list (1) today date (1) vbs (1) video (1) web part (1) widget (1) windows 2008 (1) windows 2012 R2 (1) windows Azura (1) windows account (1) windows2012 (1) wmi (1)

Friday, August 27, 2010

Basic sharing on Code Access Security (CAS)

Controlling access to system resources ( Dir structures and file) 

WSS have 2 security approaches :
  • user identity-based
  • code identity-based [digital certificate or URL or site]
WSS is use .NET Framework , which is using code identity-based approach so call CAS


Levels of trust
  • Full > unmanaged code
  • High > cannot call unmanaged code and enterprise service but can send email using SMTP servers , also can access sockets and file system
  • Medium >  SMTP and SQL but cannot access sockets and registry
  • Low > read only application virtual dir and no network connectivity
  • Minimal > have execute permission only
WSS have 2 policy ( Virtual server extedned to wss this policy will applied to)
  • wss_minimaltrust.config
  • wss_mediumtrust.config
WSS security setting for CAS:
  • machine.config > c:\windows\micorsoft.net\framwork\V2.0.50727\config
  • web.config

Web.config located

  • top level conetn root > C:\Inetpub\wwwroot > configuration for web server
  • web part resoucces of the global assemy cache
  • CONFIG ….\web server extensions\60\config\ > define for other extending vs
  • ISAPI ….for the /_vti_bin
  • LAYOUTS > for /_layouts
  • ADMIN > SharePoint CA

No comments: