.NET Security Blog

Keith Brown recently pointed out that the issues with first pass exception handling extend well beyond the instance I mention of correctly reverting your impersonation context . Basically, anywhere you rely on a finally block to keep your state consistent...

When authoring an application to run with partial trust, one of the problems many people hit is the inability to open an arbitrary file for reading. Generally partial trust code just won't have the FileIOPermission necessary to do this. Obviously preventing...

Over the last couple of days we've talked about how to impersonate another user , and some security issues to keep in mind while impersonating . Now I'd like to take a look at some new features available in Whidbey which can make the whole process much...

Yesterday I posted a bit of code that shows how to impersonate another user in managed code. However, that code had a subtle security hole waiting to bite you if you used it directly. Both Dean and Eric found the problem. In fact Eric reminded me of a...

Guillermo recently started blogging about some Whidbey enhancements around impersonation. However, figuring out how to impersonate in the first place can be a little less than obvious. WindowsIdentity contains an Impersonate method, but it doesn't accept...

Last fall, in the article Mike Downen and I wrote for MSDN magazine , we mentioned the expanded support for X.509 certificates, and specifically pointed out how to use them with XML digital signatures . For those of you picking up the Febuaray CTP (and...

Next Tuesday (March 15th), the BCL team is having a blog day where they're planning on devoting the entire day to creating blog entries and samples exploring the BCL. They're soliciting feedback as to what kind of samples you like to see , so if you're...

SkipVerification permission, which allows the JIT to compile any code even if it cannot prove the safety of that code, is a bit of a special permission. For instance, it's the only permission which causes an exception other than SecurityException when...

Reflection and its interaction with security can sometimes be a bit of a confusing matter. The easiest portion to figure out is the permissions needed to use Reflection.Emit. In order to do anything with the reflection emit feature, you'll need to have...

Following up on the pieces we had last week that mentioned NGEN and security ... Reid has just posted a good piece about how NGEN deals with the fact that the grant set of an assembly can change from the time the assembly is NGENed to the time that it...