October, 2007

  • .NET Security Blog

    Transparency as Least Privilege

    • 0 Comments
    In my last post I mentioned that there is a better alternative to RequestRefuse for achieving least privilege . The tool I like to use for least privilege is actually the security transparency model available in v2.0+ of the CLR (and which became the...
  • .NET Security Blog

    Avoiding Assembly Level Declarative Security

    • 0 Comments
    I've written in the past about the three assembly level declarative security actions : RequestMinimum, RequestOptional, and RequestRefuse. Although the CLR has supported these since v1.0, I tend to stay away from using them as much as I possibly can,...
Page 1 of 1 (2 items)