.NET Security Blog
My application works from my local machine, but throws a SecurityException when I move it to a network share
Posted over 10 years ago by shawnfa | 100 Comments
How to modify your security policy to make your application work from the LocalIntranet zone...
Using CasPol to Fully Trust a Share
Posted over 9 years ago by shawnfa | 73 Comments
Since network shares by default only get LocalIntranet permissions, it's relatively common to want to use CasPol to fully trust some shares that you control and know are safe. However, CasPol syntax being what it is, the command to do this isn't immediately...
How to provide extra trust for an Internet Explorer hosted assembly
Posted over 10 years ago by shawnfa | 49 Comments
Avoiding security exceptions that occur when you try to provide extra trust based upon strong name or X509 certificates...
Making Strings More Secure
Posted over 9 years ago by shawnfa | 40 Comments
The standard System.String has never been a very secure solution for storing sensitive strings such as passwords or credit card numbers. Using a string for this purpose has numerous problems, including: It's not pinned, so the garbage collector can move...
Don't Roundtrip Ciphertext Via a String Encoding
Posted over 8 years ago by shawnfa | 37 Comments
One common mistake that people make when using managed encryption classes is that they attempt to store the result of an encryption operation in a string by using one of the Encoding classes. That seems to make sense, right? After all, Encoding.ToString...
Enforcing FIPS Certified Cryptography
Posted over 8 years ago by shawnfa | 34 Comments
Certain types of software, such as code written for a government contract, require adhering to a strict set of guidelines, especially when it comes to security. To better enable this type of software, v2.0 of the CLR provides the ability for you to enforce...
Sharing a Strong Name Key File Across Projects
Posted over 7 years ago by shawnfa | 33 Comments
v2.0 of the .NET Framework deprecated the use of the AssemblyKeyFileAttribute and AssemblyKeyContainerAttribute. Oftentimes, these attributes were used to share a common key file across several projects. If you try to share key files using the Visual...
Allowing Partially Trusted Callers
Posted over 8 years ago by shawnfa | 31 Comments
The AllowPartiallyTrustedCallersAttribute (affectionately referred to as APTCA from here on out) is one of the aspects of the security system that most frequently trips people up when they run into it. Let's look at a typical scenario where I might run...
Generating a Key from a Password
Posted over 9 years ago by shawnfa | 31 Comments
If you're trying to encrypt data using a password, how do you convert the password into a key for symmetric encryption? The easiest way might be to simply convert the password to a byte array, and use this array as your key. However, this is a very bad...
Delay Signing
Posted over 9 years ago by shawnfa | 28 Comments
Most people know about the delay signing feature of the CLR. (For those who don't, check out MSDN's Delay Signing an Assembly for more details.) Basically, delay signing allows a developer to add the public key token to an assembly, without having access...
.NET 1.0 SP 3 and .NET 1.1 SP 1 Released
Posted over 9 years ago by shawnfa | 23 Comments
Today we pushed .NET 1.0 SP3 and .NET 1.1 SP1 onto Windows Update as a Critical Update. You can also download the service packs from the MSDN download center. Here's a brief review of what's new for security in each service pack: .NET 1.0 SP3 (v1.0.3705...
Assembly Level Declarative Security
Posted over 9 years ago by shawnfa | 20 Comments
Assembly level declarative security comes in three forms, RequestMinimum, RequestOptional, and RequestRefuse. The three can be briefly defined as: RequestMinimum -- the set of permissions that are absolutely required for this assembly to run RequestOptional...
Does Being in the GAC Grant FullTrust?
Posted over 8 years ago by shawnfa | 20 Comments
What does being in the GAC imply about the permission set that will be assigned to an assembly? Well, it depends ... In v1.0 and 1.1, the fact that assemblies in the GAC seem to always get a FullTrust grant is actually a side effect of the fact that the...
More on the FullTrust GAC
Posted over 8 years ago by shawnfa | 19 Comments
Last week I mentioned that although currently assemblies in the GAC receive FullTrust as a side effect of the GAC being on the local machine, from Whidbey beta 2 and beyond, being in the GAC will imply FullTrust on its own. A lot of the feedback wondered...
Please do not use the .NET 2.0 HMACSHA512 and HMACSHA384 Classes
Posted over 6 years ago by shawnfa | 19 Comments
We’ve recently discovered a bug in the HMACSHA512 and HMACSHA384 classes which shipped in the .NET Framework 2.0. This bug will cause these algorithms to produce incorrect results which are not consistent with other implementations of HMAC-SHA-512 and...
FullTrust on the LocalIntranet
Posted over 5 years ago by shawnfa | 18 Comments
We released the first beta of .NET 3.5 SP 1 this morning, and it includes a change to the default grant set for applications launched from the LocalIntranet zone. The quick summary is that as of .NET 3.5 SP1, applications run from a network share will...
How to Impersonate
Posted over 8 years ago by shawnfa | 18 Comments
Guillermo recently started blogging about some Whidbey enhancements around impersonation. However, figuring out how to impersonate in the first place can be a little less than obvious. WindowsIdentity contains an Impersonate method, but it doesn't accept...
Safely Impersonating Another User
Posted over 8 years ago by shawnfa | 17 Comments
Yesterday I posted a bit of code that shows how to impersonate another user in managed code. However, that code had a subtle security hole waiting to bite you if you used it directly. Both Dean and Eric found the problem. In fact Eric reminded me of a...
Whidbey's Security Off Model
Posted over 8 years ago by shawnfa | 17 Comments
Although the v1.0 and v1.1 versions of CasPol provided a switch to disable the CLR's security system, running without CAS enforcement on was never a scenario that we encouraged for obvious reasons. The choice to disable security was a system wide switch...
5 Reasons to Choose Simple Sandboxing
Posted over 7 years ago by shawnfa | 17 Comments
When it comes time to host some partially trusted code in your application, perhaps as a part of an Add-In model, you’ve got a few options to choose from. How do you decide which is the best way to go? Thankfully the answer to this one is relatively...
Enveloped PKCS #7 Signatures
Posted over 7 years ago by shawnfa | 16 Comments
One of the new cryptography features in the v2.0 framework is the ability to work with PKCS #7 formatted messages. The PKCS features live in the new System.Security.Cryptography.Pkcs namespace in System.Security.dll, and are thin wrappers around the...
Receiving Session Lock and Unlock Notifications
Posted over 8 years ago by shawnfa | 16 Comments
Some programs, such as MSN Messenger, change their behavior when the current session is locked and unlocked. Messenger, for instance, will change your status to Away while your machine is locked, and then back to Online when your machine is unlocked....
Blogging around the CLR
Posted over 8 years ago by shawnfa | 16 Comments
As of today, there are 40 members of the extended CLR team with blogs on and off of MSDN. Some are more active than others, but if you're looking for a blog that might cover a specific area, here are some places to check out. Note these are categorized...
Signing Assemblies With C# in Whidbey
Posted over 9 years ago by shawnfa | 16 Comments
You may be in for a surprise when you try to rebuild your strongly named assemblies written in C# under Whidbey for the first time. If you're using the AssemblyKeyFile attribute, you'll get a warning similar to this: signed.cs(4,11): warning CS1699...
Searching for Custom ID Tags With Signed XML
Posted over 9 years ago by shawnfa | 16 Comments
Last week, I blogged about using references to sign only specific parts of an XML document. The biggest limitation with doing this is that you must refer to the nodes that are being signed by ID, which for v1.1 and 1.0 of the framework was given by an...
Page 1 of 15 (368 items)