Welcome to MSDN Blogs Sign in | Join | Help

August 2005 - Posts

Wednesday, August 31, 2005 2:04 PM

When the Opposite of Transparent isn't Opaque

When you provide an assembly that will be called by partially trusted callers, you need to make sure that you do a thorough security audit of that assembly -- especially if it’s an APTCA assembly. One of the primary reasons this security review is required
Posted by shawnfa | 5 Comments
Filed under: ,
Wednesday, August 31, 2005 9:23 AM

Getting Help with your .NET Questions

Recently I've been getting a lot of email from this blog asking for help with various problems. Although I'd love to help out, I don't have the time to address each mail directly. In fact, most of the problems I (and other members of the CLR team I've
Posted by shawnfa | 6 Comments
Filed under:
Wednesday, August 24, 2005 7:46 AM

What's New in Security for v2.0

There's a ton of new and enhanced security features coming with the v2.0 release of the CLR. However, finding a definitive list of them all can be a somewhat challenging task. Dominick Baier has an excellent slide deck detailing some of the changes and
Posted by shawnfa | 10 Comments
Filed under:
Monday, August 22, 2005 2:49 PM

Securing AppDomain Data

While we're on the topic of AppDomains ... One feature of AppDomains that many people don't know about is that they expose a property dictionary of string/object pairs. This dictionary is exposed through the GetData / SetData pair of methods. In the remarks
Posted by shawnfa | 0 Comments
Filed under:
Wednesday, August 17, 2005 11:34 AM

Comparing Java and .NET Security

It's been a while since I've last seen a comparison of Java and .NET security . Nathaneal Paul and David Evans from the University of Virginia Computer Science Department recently finished their comparison, Comparing Java and .NET Security: Lessons Learned
Posted by shawnfa | 12 Comments
Filed under: ,
Tuesday, August 09, 2005 12:02 PM

A Closer Look at the Simple Sandboxed AppDomain

Yesterday we took a look at Whidbey's new Simple Sandboxing API . At first glance this API does seem relatively simple, however when you start to look closer at the AppDomain that is created for your sandboxed code, there are a few surprising properties.
Posted by shawnfa | 3 Comments
Monday, August 08, 2005 10:04 AM

The Simple Sandboxing API

A while back I gave some sample code to show how to setup a sandboxed AppDomain . This technique has worked since v1.0, and will continue to work with Whidbey. However, Whidbey also introduces a simple sandboxing API which eliminates the need for this
Posted by shawnfa | 10 Comments
Filed under: ,
 
Page view tracker