March, 2006

  • .NET Security Blog

    Getting Information about an X509Certificate's Key Container

    • 8 Comments
    One of the more common things a lot of people want to do with their X509Certificate2 is figure out what key container its keys are stored in. You can access this information relatively trivially via the PublicKey property of the X509Certificate2 object...
  • .NET Security Blog

    Debugging a Partial Trust ClickOnce Application

    • 3 Comments
    Although the theory is that by the time we deploy a finished application it's already fully debugged we all know that in practice things rarely go that smoothly. So what happens if you deploy a partial trust ClickOnce application that starts to crash...
  • .NET Security Blog

    SSCLI v2

    • 5 Comments
    As Jason announces , v2.0 of the SSCLI is now available for download: http://msdn.microsoft.com/net/sscli . In addition to general CLR features like generics that are available in this download, some interesting security points to look at are: ...
  • .NET Security Blog

    Why Can't I See Extended SecurityException Information?

    • 1 Comments
    The v2.0 SecurityException is chock full of debugging goodness -- for trusted code that is. In some cases you might not see all the extended error information. The reason is that before writing extra security information into the output of ToString()...
  • .NET Security Blog

    Return of the Mailbag

    • 1 Comments
    Over the last week or so I've seen a few questions pop up multiple times. In no particular order: Q: Is calling a virtual method with a non-virtual call verifiable? A: It depends :-) In v1.x of the CLR this was verifiable. We made a change in v2...
  • .NET Security Blog

    Impersonation and Exception Filters in v2.0

    • 8 Comments
    A while back, I wrote about a potential security hole when malicious code can set up an exception filter before calling your code which does impersonation . In the final release of v2.0, we've added a feature to help mitigate this problem. The CLR...
Page 1 of 1 (6 items)