July, 2005

  • .NET Security Blog

    3 Years, 3 Pounds

    • 3 Comments
    Today marks my 3 year anniversary on the CLR security team (not counting my internship, which I suppose would bring me to 3 years 3 months). We have a tradition on the CLR team where on the anniversary of your hire, you bring in an equivalent number of...
  • .NET Security Blog

    Why Is CasPol Prompting Me For Confirmation?

    • 2 Comments
    Every once in a while I get asked a question along the lines of: "I used to run CasPol in a script to modify security settings. Now my script never returns, and when I debug CasPol has started asking me to confirm its operations. What happened?...
  • .NET Security Blog

    Profiling Signed Assemblies

    • 0 Comments
    Ian Huff has an entry today about the problems you'll run into when using Visual Studio Team System to profile assemblies that have a strong name signature . He walks through the steps necessary to cause Visual Studio to resign your assemblies after they...
  • .NET Security Blog

    Bootstrapping your Application's AppDomainManager

    • 7 Comments
    Last time I mentioned that when using pure managed code to setup an AppDomainManager, you should prefer to use the environment variables rather than the registry keys. Once you've decided to use the environment variables, you need to determine a strategy...
  • .NET Security Blog

    Setting up an AppDomainManager

    • 5 Comments
    When I first talked about AppDomainManagers , I mentioned that there were three ways to tell the CLR that you'd like to use the managed hosting infrastructure: The unmanaged hosting API Environment variables APPDOMAIN_MANAGER_ASM and APPDOMAIN_MANAGER_TYPE...
  • .NET Security Blog

    Loading the Same Assembly with Different Evidence

    • 5 Comments
    Assembly.Load provides overloads that take an Evidence object in addition to the name of the assembly to load. This leads to the question -- what happens if you were to load the same assembly multiple times with different Evidence. It's easy enough...
  • .NET Security Blog

    Don't Sign C++/CLI Assemblies with Attributes

    • 4 Comments
    We've already talked about using the /keyfile or /keycontainer switches to sign C# and VB assemblies instead of using the AssemblyKeyFile attribute. When dealing with C++/CLI assemblies, using these switches becomes even more important. The reasoning...
  • .NET Security Blog

    Heading to New York

    • 0 Comments
    Now that I've resolved the broken computer problem , and am all set up to blog again, I'm off to New York until July 11th. (Well, actually I've been in New York since June 29th, but things were pretty hectic getting ready to leave, so I wasn't able to...
Page 1 of 1 (8 items)