Welcome to MSDN Blogs Sign in | Join | Help

March 2005 - Posts

Thursday, March 31, 2005 2:36 PM

More on First Pass Exception Issues

Keith Brown recently pointed out that the issues with first pass exception handling extend well beyond the instance I mention of correctly reverting your impersonation context . Basically, anywhere you rely on a finally block to keep your state consistent
Posted by shawnfa | 5 Comments
Filed under:
Wednesday, March 30, 2005 2:35 PM

Reading a File from Partial Trust

When authoring an application to run with partial trust, one of the problems many people hit is the inability to open an arbitrary file for reading. Generally partial trust code just won't have the FileIOPermission necessary to do this. Obviously preventing
Posted by shawnfa | 2 Comments
Filed under: ,
Thursday, March 24, 2005 3:07 PM

Safe Impersonation With Whidbey

Over the last couple of days we've talked about how to impersonate another user , and some security issues to keep in mind while impersonating . Now I'd like to take a look at some new features available in Whidbey which can make the whole process much
Posted by shawnfa | 5 Comments
Filed under: ,
Tuesday, March 22, 2005 7:58 PM

Safely Impersonating Another User

Yesterday I posted a bit of code that shows how to impersonate another user in managed code. However, that code had a subtle security hole waiting to bite you if you used it directly. Both Dean and Eric found the problem. In fact Eric reminded me of a
Posted by shawnfa | 17 Comments
Monday, March 21, 2005 4:06 PM

How to Impersonate

Guillermo recently started blogging about some Whidbey enhancements around impersonation. However, figuring out how to impersonate in the first place can be a little less than obvious. WindowsIdentity contains an Impersonate method, but it doesn't accept
Posted by shawnfa | 18 Comments
Filed under: ,
Wednesday, March 16, 2005 4:37 PM

X509CertificateEx is now X509Certificate2

Last fall, in the article Mike Downen and I wrote for MSDN magazine , we mentioned the expanded support for X.509 certificates, and specifically pointed out how to use them with XML digital signatures . For those of you picking up the Febuaray CTP (and
Posted by shawnfa | 4 Comments
Filed under: ,
Thursday, March 10, 2005 5:41 PM

BCL Blog Day

Next Tuesday (March 15th), the BCL team is having a blog day where they're planning on devoting the entire day to creating blog entries and samples exploring the BCL. They're soliciting feedback as to what kind of samples you like to see , so if you're
Posted by shawnfa | 0 Comments
Filed under:
Thursday, March 10, 2005 5:41 PM

Don't Deny SkipVerification

SkipVerification permission, which allows the JIT to compile any code even if it cannot prove the safety of that code, is a bit of a special permission. For instance, it's the only permission which causes an exception other than SecurityException when
Posted by shawnfa | 0 Comments
Filed under: ,
Tuesday, March 08, 2005 12:31 PM

When is ReflectionPermission Needed?

Reflection and its interaction with security can sometimes be a bit of a confusing matter. The easiest portion to figure out is the permissions needed to use Reflection.Emit. In order to do anything with the reflection emit feature, you'll need to have
Posted by shawnfa | 11 Comments
Thursday, March 03, 2005 7:00 PM

Reid Talks about Security State and NGEN

Following up on the pieces we had last week that mentioned NGEN and security ... Reid has just posted a good piece about how NGEN deals with the fact that the grant set of an assembly can change from the time the assembly is NGENed to the time that it's
Posted by shawnfa | 1 Comments
Filed under: ,
 
Page view tracker