主权项 |
1. A computer-implemented method, comprising:
associating one of a plurality of trust levels with a component, the component including executable instructions that access a resource controlled by an operating system, the trust level associates a security level with the resource; associating a privilege level with an application, the privilege level associates a security level with the application, the trust level of the component separate from the privilege level of the application; executing the application in an isolation execution environment when the privilege level of the application is a first level; requesting, by the application, activation of the component; and based on the trust level of the component and the privilege level of the application, executing the component requested by the application in a broker process, the broker process accesses the resource in an execution environment that is separate from the isolation execution environment. |