Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
If you’re using the CustomAttributeData APIs to examine declarative security permission, you might...
Date: 04/21/2010
With all the changes in the security system of .NET 4, the question frequently arises “so, is CAS...
Date: 02/24/2010
SecAnnotate (available in the final .NET 4 SDK, and in beta form here) can be used to analyze your...
Date: 11/18/2009
One of the design goals of the security transparency system in the CLR is that it should be as...
Date: 11/18/2009
In my last post I talked about the two different security rule sets supported by the v4 CLR. ...
Date: 11/12/2009
Earlier this week, we looked at how the v4 CLR continued the evolution of the security transparency...
Date: 11/11/2009
Now that we know the basics of security transparency, let's look at how it evolved over time. In...
Date: 11/09/2009
Last time we looked at the set of operations that can only be performed by security critical code....
Date: 11/05/2009
One of the biggest changes in the .NET 4 security model is a move toward security transparency as a...
Date: 11/03/2009
Over the last few weeks we’ve been taking a look at the updates to the CLR security policy system in...
Date: 06/12/2009
Over the last few weeks we’ve been looking at the changes to security policy in .NET 4, namely that...
Date: 06/12/2009
Over the last few posts, I’ve been looking at how the update to the CLR v4 security policy interacts...
Date: 06/09/2009
In my last post about changes to the CLR v4 security policy model, I looked at APIs which implicitly...
Date: 06/08/2009
A while back I did an interview with Charles Torre about the changes to security in CLR v4,...
Date: 05/28/2009
Kris Makey, who works on the Visual Studio team, has written up a good blog post about the changes...
Date: 05/28/2009
Last week we looked at sandboxing and the v4 CLR – with the key change being that the CLR now defers...
Date: 05/27/2009
Yesterday I talked about the changes in security policy for managed applications, namely that...
Date: 05/22/2009
One of the first changes that you might see to security in the v4 CLR is that we’ve overhauled the...
Date: 05/21/2009
The first beta of the v4.0 .NET Framework is now available, and with it comes a lot of changes to...
Date: 05/20/2009
Over the last week, we've made a couple of updates to our Codeplex projects to add authenticated...
Date: 03/17/2009
Reid Borsuk, an SDE/T on the CLR security team, has released a fully transparent implementation of...
Date: 12/09/2008
The crypto config schema has been a bit of a hot topic around here lately, specifically around how...
Date: 12/02/2008
Earlier this month, we released .NET 3.5 SP 1. One of the new features available in this...
Date: 08/25/2008
The CLR Security Team just launched our CodePlex site: https://www.codeplex.com/clrsecurity. ...
Date: 07/10/2008
Dino Esposito has an article in the March Dr. Dobb's Journal taking a look at the Silverlight...
Date: 07/09/2008
Many managed applications start up slower than they really need to because of time spent verifying...
Date: 05/14/2008
We released the first beta of .NET 3.5 SP 1 this morning, and it includes a change to the default...
Date: 05/12/2008
.NET 2.0 introduced a check for FIPS certified algorithms if your local security policy was...
Date: 03/14/2008
CAS is complicated enough to understand when all of the moving parts are written in managed code...
Date: 03/04/2008
WindowsIdentity exposes a Groups property which returns a collection of IdentityReferences for the...
Date: 02/07/2008
Last year, I made a series of posts about a new feature available in the betas of .NET 3.5 which...
Date: 01/24/2008
In my last post I mentioned that there is a better alternative to RequestRefuse for achieving least...
Date: 10/30/2007
I've written in the past about the three assembly level declarative security actions:...
Date: 10/02/2007
My third MSDN magazine article, Digging into IDisposable, appeared in this month's issue in the CLR...
Date: 06/20/2007
Over the last week we took a look at the new Silverlight security model. When you're writing a...
Date: 05/14/2007
Over the last few days we've looked at the basics of the CoreCLR security model in Silverlight, and...
Date: 05/11/2007
Yesterday we talked about the CoreCLR security model, and how it is built upon the transparency...
Date: 05/10/2007
You may have heard a thing or two last week about a little project we like to call Silverlight,...
Date: 05/09/2007
A while back I wrote about the performance penalty of loading an assembly with an Authenticode...
Date: 05/07/2007
One of the various ways that you can load an assembly is by supplying the raw bytes of an assembly...
Date: 04/18/2007
Attached is the TemplateControl.control manifest. TemplateControl.control
Date: 03/29/2007
The .NET Framework SDK ships with a MMC Snap-In which enables you to, among other things, avoid...
Date: 03/15/2007
Last week, I talked about the Orcas feature which allows you to provide a manifest to elevate your...
Date: 03/12/2007
Earlier this week,I talked about the Orcas feature where controls can declaratively request...
Date: 03/09/2007
One of my most read blog posts (and one of the reasons I created this blog in the first place -- to...
Date: 03/07/2007
The Evidence class supports being enumerated in three different ways: GetAssemblyEnumerator...
Date: 02/23/2007
We all know that the CLR provides many types of evidence to assemblies and AppDomains by default,...
Date: 02/20/2007
One of the features the CLR team is adding in Orcas is that we're providing a new model to help...
Date: 02/20/2007
We’ve recently discovered a bug in the HMACSHA512 and HMACSHA384 classes which shipped in the .NET...
Date: 01/31/2007
The second elliptic curve algorithm added to Orcas is elliptic curve Diffie-Hellman, as the...
Date: 01/22/2007