Welcome to MSDN Blogs
Sign in
|
Join
|
Help
.NET Security Blog
This Blog
Syndication
RSS 2.0
Atom 1.0
Search
Tags
CAS
ClickOnce
CLR v4
CNG
Cryptography
Debugging
Orcas
Other
Policy
SecAnnotate
Security
Silverlight
SSCLI
StrongName
Transparency
Under the Hood
Visual Studio
Windows
XML
News
Silverlight Security Cheat Sheet
What's New in Security for v2.0
List of CLR Bloggers
Getting Help with your .NET Questions
Archives
November 2009 (7)
June 2009 (4)
May 2009 (6)
March 2009 (1)
December 2008 (2)
August 2008 (1)
July 2008 (2)
May 2008 (2)
March 2008 (2)
February 2008 (1)
January 2008 (1)
October 2007 (2)
June 2007 (1)
May 2007 (5)
April 2007 (1)
March 2007 (4)
February 2007 (3)
January 2007 (5)
December 2006 (2)
November 2006 (3)
October 2006 (5)
September 2006 (2)
August 2006 (1)
July 2006 (6)
June 2006 (6)
May 2006 (7)
April 2006 (7)
March 2006 (6)
February 2006 (7)
January 2006 (9)
December 2005 (7)
November 2005 (8)
October 2005 (8)
September 2005 (11)
August 2005 (7)
July 2005 (8)
June 2005 (4)
May 2005 (10)
April 2005 (6)
March 2005 (10)
February 2005 (9)
January 2005 (10)
December 2004 (10)
November 2004 (11)
October 2004 (12)
September 2004 (10)
August 2004 (10)
July 2004 (10)
June 2004 (11)
May 2004 (7)
April 2004 (14)
March 2004 (21)
February 2004 (12)
January 2004 (3)
December 2003 (1)
November 2003 (5)
October 2003 (1)
June 2003 (2)
Browse by Tags
All Tags
»
ClickOnce
»
Security
(RSS)
CAS
Cryptography
Debugging
Orcas
Policy
SSCLI
Visual Studio
XML
Friday, June 12, 2009 11:33 AM
CLR v4 Security Policy Roundup
Over the last few weeks we’ve been taking a look at the updates to the CLR security policy system in the v4 release of the .NET Framework. Here’s a quick index of those topics: Overview Security Policy in the v4 CLR Sandboxing in .NET 4.0 Updating code
Posted by
shawnfa
|
1 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
Monday, May 12, 2008 10:49 AM
FullTrust on the LocalIntranet
We released the first beta of .NET 3.5 SP 1 this morning, and it includes a change to the default grant set for applications launched from the LocalIntranet zone. The quick summary is that as of .NET 3.5 SP1, applications run from a network share will
Posted by
shawnfa
|
13 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
Tuesday, October 02, 2007 9:24 AM
Avoiding Assembly Level Declarative Security
I've written in the past about the three assembly level declarative security actions : RequestMinimum, RequestOptional, and RequestRefuse. Although the CLR has supported these since v1.0, I tend to stay away from using them as much as I possibly can,
Posted by
shawnfa
|
0 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
Wednesday, March 07, 2007 11:25 AM
Specifying Permissions for IE Controls in Orcas
One of my most read blog posts (and one of the reasons I created this blog in the first place -- to answer what was one of the most asked questions on the old .NET Security newsgroup), is my post about granting managed controls hosted in IE extra permissions
Posted by
shawnfa
|
1 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
,
Orcas
Saturday, July 15, 2006 7:00 AM
ClickOnce Same Site Permissions
ClickOnce applications can request that they be granted permission to contact their site of origin. In Visual Studio this is done by clicking on the Advanced button in the Security tab of the project properties and checking "Grant the application access
Posted by
shawnfa
|
4 Comments
Filed under:
Security
,
ClickOnce
,
CAS
Thursday, July 13, 2006 11:43 AM
Sandboxed Applications Can’t Elevate Their Own Permissions
Every once in a while someone will ask how they can do something similar to these caspol commands from within their application. Generally, they want their application to be deployed from the Internet or a file share and don’t want users to have to deal
Posted by
shawnfa
|
6 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
Wednesday, April 19, 2006 8:35 AM
5 Reasons to Choose Simple Sandboxing
When it comes time to host some partially trusted code in your application, perhaps as a part of an Add-In model, you’ve got a few options to choose from. How do you decide which is the best way to go? Thankfully the answer to this one is relatively straightforward
Posted by
shawnfa
|
17 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
Monday, June 06, 2005 4:06 PM
Console Applications requre UIPermission
Starting with beta 2, we’ve made a change around what permissions are required to launch a console application. When I talk about console applications here, I’m talking about applications that specify they should run with the WINDOWS_CUI subsystem
Posted by
shawnfa
|
1 Comments
Filed under:
Security
,
ClickOnce
,
CAS
Tuesday, September 07, 2004 4:27 PM
Deploying Policy on v1.0 and 1.1 of the CLR
A lot of the time, someone has written an application that won't run under the CLR's default security settings and needs to provide a mechanism for their users to modify the policy easily in order to allow their application to run. For Whidbey, ClickOnce
Posted by
shawnfa
|
9 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Policy
Friday, July 30, 2004 12:24 PM
Whidbey's New SecurityException
One of the more difficult things to debug with .NET 1.0 and 1.1 is the security exception. With these frameworks generally the only information that you got was the state of the failed permission. Due to the complexity of debugging security problems,
Posted by
shawnfa
|
14 Comments
Filed under:
Security
,
ClickOnce
,
CAS
,
Visual Studio
,
Debugging
Monday, January 19, 2004 4:04 PM
ClickOnce Activation Errors on the PDC Whidbey / Longhorn Build
The PDC build of Whidbey and Longhorn do not provide a great mechanism for handling errors in ClickOnce manifests and other similar activation issues. Often if there is a problem activating a ClickOnce application, you'll only get a simple error dialog
Posted by
shawnfa
|
0 Comments
Filed under:
Security
,
ClickOnce
Tuesday, December 09, 2003 7:29 PM
Moving
The GotDotNet blogs are being frozen, so I'll be moving my blog over to the ASP.Net site. You can find the new location at http://blogs.msdn.com/shawnfa
Posted by
shawnfa
|
0 Comments
Filed under:
Security
,
ClickOnce
,
SSCLI
,
Cryptography
,
XML
Friday, November 14, 2003 9:55 PM
ClickOnce and Security
A first look at permission elevation
Posted by
shawnfa
|
1 Comments
Filed under:
Security
,
ClickOnce
