Browse by Tags

Tagged Content List
  • Blog Post: Using SecAnnotate to Analyze Your Assemblies for Transparency Violations – An Example

    SecAnnotate (available in the final .NET 4 SDK, and in beta form here ) can be used to analyze your assemblies, especially APTCA assemblies in order to find transparency violations without needing code coverage from a test case. Instead, the static analysis provided by SecAnnotate is valuable in ensuring...
  • Blog Post: SecAnnotate Beta

    One of the design goals of the security transparency system in the CLR is that it should be as static as possible and not rely on dynamic state (such as the call stack) to function. A fallout of this is that we can write tools to analyze assemblies and find transparency violations in the assembly without...
  • Blog Post: Differences Between the Security Rule Sets

    In my last post I talked about the two different security rule sets supported by the v4 CLR .  At a high level, level 1 is the v2.0 security transparency model, and level 2 encompasses the updated v4 security transparency model.  Digging down a little deeper, it’s interesting to look at some...
  • Blog Post: Transparency Models: A Tale of Two Levels

    Earlier this week, we looked at how the v4 CLR continued the evolution of the security transparency model that started in v2 and started evolving with Silverlight in order to make it the primary security enforcement mechanism of the .NET 4 runtime. The result is that the v4 transparency model, while...
  • Blog Post: Transparency as Enforcement in CLR v4

    Now that we know the basics of security transparency , let's look at how it evolved over time. In .NET v2.0, many of the transparency rules we previously looked at were in place , with the exception of some of the inheritance rules that were introduced for the first time in the Silverlight transparency...
  • Blog Post: Bridging the Gap Between Transparent and Critical Code

    Last time we looked at the set of operations that can only be performed by security critical code . One interesting observation is that just because you are doing one of these operations does not mean that your method in and of itself is security sensitive. For instance, you might implement a method...
  • Blog Post: Transparency 101: Basic Transparency Rules

    One of the biggest changes in the .NET 4 security model is a move toward security transparency as a primary security enforcement mechanism of the platform. As you'll recall, we introduced security transparency in the v2 release of .NET as more of an audit mechanism in order to help make the surface area...
  • Blog Post: CLR v4 Security Policy Roundup

    Over the last few weeks we’ve been taking a look at the updates to the CLR security policy system in the v4 release of the .NET Framework. Here’s a quick index of those topics: Overview Security Policy in the v4 CLR Sandboxing in .NET 4.0 Updating code to work with the new model ...
  • Blog Post: Temporarily re-enabling CAS policy during migration

    Over the last few weeks we’ve been looking at the changes to security policy in .NET 4, namely that security policy is now in the hands of the host and the operating system. While we’ve looked at how to update code that implicitly uses CAS policy , loads assemblies from remote sources , and explicitly...
  • Blog Post: Coding with Security Policy in .NET 4 part 2 – Explicit uses of CAS policy

    Over the last few posts, I’ve been looking at how the update to the CLR v4 security policy interacts with how you write managed code against the v4 .NET Framework.  So far we’ve looked at the implicit uses of CAS policy, such as loading assemblies and creating AppDomains with Evidence and loading...
  • Blog Post: More Implicit Uses of CAS Policy: loadFromRemoteSources

    In my last post about changes to the CLR v4 security policy model, I looked at APIs which implicitly use CAS policy in their operation (such as Assembly.Load overloads that take an Evidence parameter), and how to migrate code that was using those APIs.   There are another set of assembly loads...
  • Blog Post: CLR 4 Security on Channel 9

    A while back I did an interview with Charles Torre   about the changes to security in CLR v4, and he posted it to the Channel 9 videos site yesterday. I start out talking about the security policy changes I've been covering here over the last week, and then transition into an overview of some of...
  • Blog Post: Visual Studio 10 Security Tab Changes

    Kris Makey, who works on the Visual Studio team, has written up a good blog post about the changes you’ll see on the security tab in Visual Studio 10 when it comes to editing permission sets .  He covers what the changes are, and some of the reasons why we worked with the Visual Studio team to make...
  • Blog Post: Coding with Security Policy in .NET 4.0 – Implicit uses of CAS policy

    Last week we looked at sandboxing and the v4 CLR – with the key change being that the CLR now defers exclusively to the host application when setting up sandboxed domains by moving away from the old CAS policy model, and moving instead to simple sandboxed AppDomains. This leads to an interesting situation...
  • Blog Post: Sandboxing in .NET 4.0

    Yesterday I talked about the changes in security policy for managed applications , namely that managed applications will run with full trust - the same as native applications - when you execute them directly. That change doesn’t mean that managed code can no longer be sandboxed however - far from...
  • Blog Post: .NET 4.0 Security

    The first beta of the v4.0 .NET Framework is now available , and with it comes a lot of changes to the CLR's security system. We've updated both the policy and enforcement portions of the runtime in a lot of ways that I'm pretty excited to finally see available. Since there are a lot of security changes...
  • Blog Post: CryptoConfig

    The crypto config schema has been a bit of a hot topic around here lately, specifically around how to modify the CLR's machine.config to get custom crypto types registered with CryptoConfig. Let's take a quick look at what CryptoConfig is first, and then we'll see how to customize its behavior. CryptoConfig...
  • Blog Post: Using RSACryptoServiceProvider for RSA-SHA256 signatures

    Earlier this month, we released .NET 3.5 SP 1 .  One of the new features available in this update is that RSACryptoServiceProvider has gained the ability to create and verify RSA-SHA256 signatures. Since RSACryptoServiceProvider relies on the underlying CAPI APIs to do its work, this feature will...
  • Blog Post: CLR Security Team CodePlex Site

    The CLR Security Team just launched our CodePlex site: http://www.codeplex.com/clrsecurity .  Currently, it contains two assemblies that provide additional functionality to the security APIs shipped in v3.5 of the .NET Framework. We'd love your feedback on the currently offered libraries, and also...
  • Blog Post: Dr. Dobbs Looks at Silverlight Security

    Dino Esposito has an article in the March Dr. Dobb's Journal taking a look at the Silverlight platform from a security perspective: The Silverlight 2.0 Security Model .  The second half in particular boils down some of the details of the transparency model used for security enforcement in Silverlight...
  • Blog Post: Strong Name Bypass

    Many managed applications start up slower than they really need to because of time spent verifying their strong name signatures. For most of these applications, the strong name verification isn't buying the application anything - especially fully trusted desktop applications that are using C# as a better...
  • Blog Post: FullTrust on the LocalIntranet

    We released the first beta of .NET 3.5 SP 1 this morning, and it includes a change to the default grant set for applications launched from the LocalIntranet zone. The quick summary is that as of .NET 3.5 SP1, applications run from a network share will receive a grant set of FullTrust by default, making...
  • Blog Post: Disabling the FIPS Algorithm Check

    .NET 2.0 introduced a check for FIPS certified algorithms if your local security policy was configured to require them. This resulted in algorithms which are not FIPS compliant (or implementations which were not FIPS certified) throwing an InvalidOperationException from their constructors. In some cases...
  • Blog Post: CAS and Native Code

    CAS is complicated enough to understand when all of the moving parts are written in managed code (and therefore have all the associated managed meta-information like grant sets, etc). However, once native code comes into play things can get even more confusing. Let's take a look at how CAS works when...
  • Blog Post: Which Groups Does WindowsIdentity.Groups Return?

    WindowsIdentity exposes a Groups property which returns a collection of IdentityReferences for the groups that a particular user is a member of. However, if you look closely, you'll find that these returned groups won't necessarily include all of the groups that the user is a member of. Under the covers...
Page 1 of 10 (228 items) 12345»