On Mon, Apr 21, 2008 at 7:52 AM, Andy Hume <[EMAIL PROTECTED]> wrote: > This is actually /not/ what CAS is for, remember that it is *Code* > Access Security. That is, it is orthogonal to *Role* Access Security. > As a user I run some .NET code in my web browser, *I* (logged in as Role > "user1" say) have full rights to do anything with files in my home > directory (chmod etc shows that), however I don't trust the *Code* that > I'm downloading and running, so *it* has no rights to do anything with > files at all.
On Mon, Apr 21, 2008 at 9:12 AM, Sebastien Pouliot <[EMAIL PROTECTED]> wrote: > You're mixing two different concepts in there. > > One is CAS[1], where permissions are policy based and applied on the > code being executed. The runtime is responsible to enforce this. > > [1] mono does not support CAS, see wiki. > > The second is access control, where a resource is protected based on the > user (not code) identity. The OS is responsible to enforce this. > > >From the results you seem to expect you're looking into access control > (which are not cross-platform). I believe you'll find everything you > need in the Mono.Posix.dll assembly. > > > Sebastien > > Hi Andy & Sebastien, Thanks for the clarification. I've rolled my own check for write access by just trying to create a file in the directory and seeing if it succeeds or fails. Yawar _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
