My bedtime reading these days is the most excellent .NET Framework Security by LaMacchia, Lange, Lyons, Martin & Price.[1] While reading through Chapter 17 on administration topics, I discovered the Windows Software Restriction Policies, which act as a simplified unmanaged variant of CAS. WSRP is only implemented beginning with Windows XP and Windows.NET Server.
There's an interesting statement on p. 261: "The CAS system and Software Restriction Policies get out of each other's way. Whenever a managed library or executable is invoked, Software Restriction Policies will recuse itself and leave all policy decisions and enforcement actions up to the .NET Framework's Code Access Security System". My question is: how is this handoff managed? I know that under Windows.Net Server that the Windows loader understands the managed PE file format, so presumably this is how they did it under Windows.Net Server. However, the Windows XP doesn't understand managed PE files natively. How is it handled under XP? Thanks, -John http://www.iunknown.com <http://www.iunknown.com/> [1] http://www.amazon.com/exec/obidos/ASIN/067232184X/qid=1022811614/sr=8-1/ ref=sr_8_1/103-7808146-4027826 You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
