Browse by Tags

Tagged Content List
  • Blog Post: CAS and Native Code

    CAS is complicated enough to understand when all of the moving parts are written in managed code (and therefore have all the associated managed meta-information like grant sets, etc). However, once native code comes into play things can get even more confusing. Let's take a look at how CAS works when...
  • Blog Post: Combining Strong Names with Authenticode

    If you want to use both a strong name and Authenticode signature on your assembly (for instance if you need a strong name for strong assembly identity, and your company has a rule requiring Authenticode signatures on all shipped products), then you need to make sure to do these in a specific order. Strong...
  • Blog Post: Special Permissions in the SSCLI

    Before digging into a pretty clever optimization that the SSCLI makes for certain special permission demands, I want to point out that everything I’m about to cover is an implementation detail. Although this optimization does occur today, we can and will change it for future versions of the CLR (and...
  • Blog Post: How does the CLR figure out Zone evidence?

    This week, I've had three separate cases where people have wondered why the CLR was assigning seemingly incorrect zone evidence to their assembly, causing their permission sets to be less than what was expected. The quick and dirty answer is that the CLR doesn't in fact assign zones (with one small...
  • Blog Post: What Happens When You Fully Sign a Test Signed Assembly

    When an assembly is test signed , the public key used to verify its signature is different from the public key that makes up part of the assembly identity. So what happens when you take an assembly which is registered as a test signed assembly on your machine and fully sign it? The key here (aren...
  • Blog Post: LinkDemands and InheritenceDemands Occur at JIT Time

    We previously saw that the SkipVerification demand for calling a method with unverifiable code occurs at JIT time rather than at runtime. Two other types of demands also occur at JIT time, LinkDemands and InheritenceDemands. An InheritenceDemand will occur when the method of the derived class is being...
  • Blog Post: Exploring the ADMHost Sample

    When I first talked about AppDomainManagers , I mentioned that there were three ways to set them up. You can either setup an environment block, use some registry keys, or use the unmanaged hosting API. In most of my samples so far I've used the environment variables , and in fact I discourage using the...
  • Blog Post: A Closer Look at the Simple Sandboxed AppDomain

    Yesterday we took a look at Whidbey's new Simple Sandboxing API . At first glance this API does seem relatively simple, however when you start to look closer at the AppDomain that is created for your sandboxed code, there are a few surprising properties. You might expect that under the covers this...
  • Blog Post: Setting up an AppDomainManager

    When I first talked about AppDomainManagers , I mentioned that there were three ways to tell the CLR that you'd like to use the managed hosting infrastructure: The unmanaged hosting API Environment variables APPDOMAIN_MANAGER_ASM and APPDOMAIN_MANAGER_TYPE A set of registry keys Of these...
  • Blog Post: Whidbey's Security Off Model

    Although the v1.0 and v1.1 versions of CasPol provided a switch to disable the CLR's security system, running without CAS enforcement on was never a scenario that we encouraged for obvious reasons. The choice to disable security was a system wide switch that affected any managed application on any version...
  • Blog Post: Safely Impersonating Another User

    Yesterday I posted a bit of code that shows how to impersonate another user in managed code. However, that code had a subtle security hole waiting to bite you if you used it directly. Both Dean and Eric found the problem. In fact Eric reminded me of a blog entry he wrote on the same subject last fall...
  • Blog Post: When is ReflectionPermission Needed?

    Reflection and its interaction with security can sometimes be a bit of a confusing matter. The easiest portion to figure out is the permissions needed to use Reflection.Emit. In order to do anything with the reflection emit feature, you'll need to have ReflectionPermission with the ReflectionEmit flag...
  • Blog Post: The Difference Between the Strong Name Hash and Hash Evidence

    The System.Security.Policy.Hash class allows you to make security decisions based upon the hash of an assembly using the HashMembershipCondition . That sounds awfully similar to how strong names are calculated ... According to ECMA partition II section 6.2.1.3 , a strong name is computed by using RSA...
  • Blog Post: Finding the Raw Strong Name Signature

    Wow ... there's been lots of interest in signatures lately :-) In response to my last post about reserving a larger section of the PE file for the signature when you create a signature with a larger key, William wants to know if you can extract the actual signature bytes from the PE file. Absolutely...
  • Blog Post: Shri Starts Blogging

    Shri started up a blog today , joining David as members of the JIT team on MSDN blogs. His first post is on how the x86 JIT implements a tail call ... and why its not as fast as it could be. Now that Shri has a blog, the percentage of people in my hallway that are blogging has overcome the percentage...
  • Blog Post: Removing Permissions From FullTrust

    Executing the following code: PermissionSet ps = new PermissionSet(PermissionState.Unrestricted); Console.WriteLine("Before Removing Permissions:"); Console.WriteLine(ps.ToXml().ToString()); ps.RemovePermission( typeof (RegistryPermission)); Console.WriteLine("After Removing Permissions:"); Console.WriteLine...
  • Blog Post: Managed Hosting API Take 3: the Host SecurityManager

    Now that we've examined how to customize the AppDomain creation process , lets go back to our EchoAppDomainManager and look at some other places the CLR lets a managed host customize its behavior. Looking back at the output of running HelloWorld with the EchoAppDomainManager setup, we see: D:\>set...
  • Blog Post: What's the FullTrust List For Anyway?

    Time for a quick break from managed hosting. I've been asked several times on this blog and in the newsgroups about the FullTrust list that the CLR keeps. What is it, and why does it exist? The reason for the list is due to a problem that exists when evaluating policy. Since all security policy objects...
  • Blog Post: Customizing the AppDomain Creation Process

    Last week, I posted about AppDomainManagers . Today, I'm going to look a little more closely at how the AppDomainManager allows you to customize the domain creation process. Specifically there are two methods that, when overridden, allow you to modify how an AppDomain is created: CreateDomain - called...
  • Blog Post: The Managed Hosting API

    With v1.0 and v1.1 of the CLR, if you wanted to have much control over how the CLR was working under the covers, you needed to write an unmanaged host. The unmanaged hosting API still exists with Whidbey (in fact, its gotten quite a few improvements of its own -- Dino's blog is a good place to look for...
  • Blog Post: David Starts Blogging

    David Notario has started up a blog ... he's one of the x86 JIT devs, and (since his office is right next door), is always the guy I go to when I need an issue about how the x86 JIT or the x86 JIT verifier works. His first post covers the phases of JIT compilation .... this looks like it could be a good...
  • Blog Post: The Locations of the Other Policy Levels

    On Monday I wrote about how to recover CasPol to a usable state , if you've modified the security policy to disallow CasPol permission to run. My instructions included deleting %WINDIR%\Microsoft.Net\Framework\v x.y.zzzz \config\Security.config and Security.cch. I've gotten a few emails that correctly...
  • Blog Post: Mike Stall's (Relatively)New Debugger Blog

    Mike Stall is one of the devs on our base services team, and his focus is on managed debugging. I played football with Mike 4 flag football seasons back, but generally don't need to work directly with him since the debugger and security don't have very much interaction. However, Mike is always the guy...
  • Blog Post: How I Learned to Stop Worrying and Love the GC

    Chris Lyon , the CLR's GC tester, has just started up a new MSDN blog. Working on the GC, Chris has a lot of knowledge about how the CLR works internally, and he'll be able to shed some light on one of the most misunderstood components of the runtime. Chris's first post is about a new feature in .NET...
  • Blog Post: New ILAsm Support For Assembly-Level Security

    Before Whidbey shipped, using assembly level declarative security was always a bit of a pain. Previous versions of the CLR required you to provide security attributes in the form of XML, which meant that you would have to figure out the exact XML represented the permission sets you wanted, and use those...
Page 1 of 2 (38 items) 12