Browse by Tags

Tagged Content List
  • Blog Post: Using SecAnnotate to Analyze Your Assemblies for Transparency Violations – An Example

    SecAnnotate (available in the final .NET 4 SDK, and in beta form here ) can be used to analyze your assemblies, especially APTCA assemblies in order to find transparency violations without needing code coverage from a test case. Instead, the static analysis provided by SecAnnotate is valuable in ensuring...
  • Blog Post: SecAnnotate Beta

    One of the design goals of the security transparency system in the CLR is that it should be as static as possible and not rely on dynamic state (such as the call stack) to function. A fallout of this is that we can write tools to analyze assemblies and find transparency violations in the assembly without...
  • Blog Post: Differences Between the Security Rule Sets

    In my last post I talked about the two different security rule sets supported by the v4 CLR .  At a high level, level 1 is the v2.0 security transparency model, and level 2 encompasses the updated v4 security transparency model.  Digging down a little deeper, it’s interesting to look at some...
  • Blog Post: Transparency Models: A Tale of Two Levels

    Earlier this week, we looked at how the v4 CLR continued the evolution of the security transparency model that started in v2 and started evolving with Silverlight in order to make it the primary security enforcement mechanism of the .NET 4 runtime. The result is that the v4 transparency model, while...
  • Blog Post: Transparency as Enforcement in CLR v4

    Now that we know the basics of security transparency , let's look at how it evolved over time. In .NET v2.0, many of the transparency rules we previously looked at were in place , with the exception of some of the inheritance rules that were introduced for the first time in the Silverlight transparency...
  • Blog Post: Bridging the Gap Between Transparent and Critical Code

    Last time we looked at the set of operations that can only be performed by security critical code . One interesting observation is that just because you are doing one of these operations does not mean that your method in and of itself is security sensitive. For instance, you might implement a method...
  • Blog Post: Transparency 101: Basic Transparency Rules

    One of the biggest changes in the .NET 4 security model is a move toward security transparency as a primary security enforcement mechanism of the platform. As you'll recall, we introduced security transparency in the v2 release of .NET as more of an audit mechanism in order to help make the surface area...
  • Blog Post: CLR 4 Security on Channel 9

    A while back I did an interview with Charles Torre   about the changes to security in CLR v4, and he posted it to the Channel 9 videos site yesterday. I start out talking about the security policy changes I've been covering here over the last week, and then transition into an overview of some of...
  • Blog Post: Transparency and Member Visibility

    Before PDC we were talking a bit about security transparency, namely what it is and how to use it . We learned the restrictions placed on transparent code which prevents it from elevating the permissions of the call stack, namely: Transparent code cannot Assert for permissions to stop the stack...
  • Blog Post: Marking Your Code Transparent

    Last week I discussed the concepts of security transparency and security critical code. Now it's time to get into the how-to's Marking an Entire Assembly Critical This is by far the easiest of the operations ... just do nothing [:D]. By default, all assemblies compiled for the v1.x and v2.0 frameworks...
  • Blog Post: When the Opposite of Transparent isn't Opaque

    When you provide an assembly that will be called by partially trusted callers, you need to make sure that you do a thorough security audit of that assembly -- especially if it’s an APTCA assembly. One of the primary reasons this security review is required is that you don’t want your assembly unwittingly...
Page 1 of 1 (11 items)