Mono Security Manager – Using CAS permissions
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Is there a link?
Why, is that the first time you read about mono?
I just wanna say that I use CAS permissions in almost any project I develop, expecially Web applications. Coupled with Role-based authentication, this is very effective and, most of all, protects your software from bugs or hacking exploitation attempts.
Once you secure your logon system (in order not to allow hackers to be able to gain other user’s credentials), you get awarded with automatic permission checking over your code so (say), if you require that a method call can only be executed by a member of specific role (“Admins”, for example) or a specific user (“Administrator”) and user doesn’t meet that criteria, he/she won’t be able to execute code, whatever way he/she exploited to get there.
I find this very effective, though it requires a slightly higher design effort.