Today marks my 3 year anniversary on the CLR security team (not counting my internship, which I suppose would bring me to 3 years 3 months). We have a tradition on the CLR team where on the anniversary of your hire, you bring in an equivalent number of...

Every once in a while I get asked a question along the lines of: "I used to run CasPol in a script to modify security settings. Now my script never returns, and when I debug CasPol has started asking me to confirm its operations. What happened?...

Ian Huff has an entry today about the problems you'll run into when using Visual Studio Team System to profile assemblies that have a strong name signature . He walks through the steps necessary to cause Visual Studio to resign your assemblies after they...

Last time I mentioned that when using pure managed code to setup an AppDomainManager, you should prefer to use the environment variables rather than the registry keys. Once you've decided to use the environment variables, you need to determine a strategy...

When I first talked about AppDomainManagers , I mentioned that there were three ways to tell the CLR that you'd like to use the managed hosting infrastructure: The unmanaged hosting API Environment variables APPDOMAIN_MANAGER_ASM and APPDOMAIN_MANAGER_TYPE...

Assembly.Load provides overloads that take an Evidence object in addition to the name of the assembly to load. This leads to the question -- what happens if you were to load the same assembly multiple times with different Evidence. It's easy enough...

We've already talked about using the /keyfile or /keycontainer switches to sign C# and VB assemblies instead of using the AssemblyKeyFile attribute. When dealing with C++/CLI assemblies, using these switches becomes even more important. The reasoning...

Now that I've resolved the broken computer problem , and am all set up to blog again, I'm off to New York until July 11th. (Well, actually I've been in New York since June 29th, but things were pretty hectic getting ready to leave, so I wasn't able to...