Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » CLR v4   (RSS)
Thursday, November 05, 2009 9:59 AM

Bridging the Gap Between Transparent and Critical Code

Last time we looked at the set of operations that can only be performed by security critical code . One interesting observation is that just because you are doing one of these operations does not mean that your method in and of itself is security sensitive.
Posted by shawnfa | 0 Comments
Tuesday, November 03, 2009 9:38 AM

Transparency 101: Basic Transparency Rules

One of the biggest changes in the .NET 4 security model is a move toward security transparency as a primary security enforcement mechanism of the platform. As you'll recall, we introduced security transparency in the v2 release of .NET as more of an audit
Posted by shawnfa | 0 Comments
Friday, June 12, 2009 11:27 AM

Temporarily re-enabling CAS policy during migration

Over the last few weeks we’ve been looking at the changes to security policy in .NET 4, namely that security policy is now in the hands of the host and the operating system. While we’ve looked at how to update code that implicitly uses CAS policy , loads
Posted by shawnfa | 3 Comments
Filed under: , , ,
Tuesday, June 09, 2009 12:14 PM

Coding with Security Policy in .NET 4 part 2 – Explicit uses of CAS policy

Over the last few posts, I’ve been looking at how the update to the CLR v4 security policy interacts with how you write managed code against the v4 .NET Framework.  So far we’ve looked at the implicit uses of CAS policy, such as loading assemblies
Posted by shawnfa | 1 Comments
Filed under: , , ,
Monday, June 08, 2009 11:59 AM

More Implicit Uses of CAS Policy: loadFromRemoteSources

In my last post about changes to the CLR v4 security policy model, I looked at APIs which implicitly use CAS policy in their operation (such as Assembly.Load overloads that take an Evidence parameter), and how to migrate code that was using those APIs.  
Posted by shawnfa | 5 Comments
Filed under: , , ,
Thursday, May 28, 2009 1:30 PM

CLR 4 Security on Channel 9

A while back I did an interview with Charles Torre   about the changes to security in CLR v4, and he posted it to the Channel 9 videos site yesterday. I start out talking about the security policy changes I've been covering here over the last week,
Posted by shawnfa | 1 Comments
Thursday, May 28, 2009 7:00 AM

Visual Studio 10 Security Tab Changes

Kris Makey, who works on the Visual Studio team, has written up a good blog post about the changes you’ll see on the security tab in Visual Studio 10 when it comes to editing permission sets .  He covers what the changes are, and some of the reasons
Posted by shawnfa | 1 Comments
Wednesday, May 27, 2009 10:46 AM

Coding with Security Policy in .NET 4.0 – Implicit uses of CAS policy

Last week we looked at sandboxing and the v4 CLR – with the key change being that the CLR now defers exclusively to the host application when setting up sandboxed domains by moving away from the old CAS policy model, and moving instead to simple sandboxed
Posted by shawnfa | 4 Comments
Filed under: , , ,
Friday, May 22, 2009 10:54 AM

Sandboxing in .NET 4.0

Yesterday I talked about the changes in security policy for managed applications , namely that managed applications will run with full trust - the same as native applications - when you execute them directly. That change doesn’t mean that managed code
Posted by shawnfa | 6 Comments
Filed under: , , ,
Thursday, May 21, 2009 12:03 PM

Security Policy in the v4 CLR

One of the first changes that you might see to security in the v4 CLR is that we’ve overhauled the security policy system.  In previous releases of the .NET Framework, CAS policy applied to all assemblies loaded into an application (except for in
Posted by shawnfa | 13 Comments
Filed under: , ,
Wednesday, May 20, 2009 3:58 PM

.NET 4.0 Security

The first beta of the v4.0 .NET Framework is now available , and with it comes a lot of changes to the CLR's security system. We've updated both the policy and enforcement portions of the runtime in a lot of ways that I'm pretty excited to finally see
Posted by shawnfa | 11 Comments
Filed under: , ,
 
Page view tracker