Contents

Secure development overview API overview Rule sandbox details Trusted assemblies Untrusted assemblies Elevating CAS permissions General principles Guidelines for elevating CAS permissions Preventing hijacking of elevated permissions Preventing access to code outside the sandbox Preventing untrusted code from leaving the sandbox Limitations of the rule sandbox security model Oracle-hosted Central Designer SQL injections XML injection