Welcome to MSDN Blogs Sign in | Join | Help

January 2006 - Posts

Friday, January 27, 2006 8:23 AM

UAC Policy Settings

The new UAC blog (formerly LUA, formerly UAP) has up a good post on the six security policy settings that have been introduced to control how UAC works. As the Vista betas start coming out and people can start to play with UAC, knowing that some of these
Posted by shawnfa | 0 Comments
Filed under: ,
Friday, January 20, 2006 7:00 AM

Detecting that You're Running in a ClickOnce Application

In my last post , I mentioned that application scoped isolated storage only works if you're running in a ClickOnce application. That begs the question -- how do I tell if I'm currently running in the context of a ClickOnce application? You can see if
Posted by shawnfa | 10 Comments
Filed under:
Wednesday, January 18, 2006 10:29 AM

Isolated Storage and ClickOnce

Isolated storage introduced a new scope in v2.0 of the CLR to work with ClickOnce applications. Application scoped Isolated storage is backed by the application's data directory. This enables scenarios where your isolated storage data will flow forward
Posted by shawnfa | 9 Comments
Filed under:
Thursday, January 12, 2006 11:07 AM

How Do You Customize Your Policy?

As part of planning for our next release, we're interested in collecting some data on how you customize your security policy. We're intereseted in as much information as you have to offer. For instance, do you mainly add code groups to the machine level,
Posted by shawnfa | 8 Comments
Filed under: , ,
Wednesday, January 11, 2006 11:55 AM

LinkDemands and InheritenceDemands Occur at JIT Time

We previously saw that the SkipVerification demand for calling a method with unverifiable code occurs at JIT time rather than at runtime. Two other types of demands also occur at JIT time, LinkDemands and InheritenceDemands. An InheritenceDemand will
Posted by shawnfa | 3 Comments
Filed under: ,
Monday, January 09, 2006 11:30 AM

PrincipalPermission and Finalizers

Nicole Calinoiu , one of our developer security MVPs, has just posted a good description of the problems that occur when using PrincipalPermission with impersonation and finalizers . The key thing to take away from this is that impersonation occurs on
Posted by shawnfa | 3 Comments
Filed under: ,
Monday, January 09, 2006 9:35 AM

Mike Rousos on Registry Security

Over the weekend, Mike Rousos (a BCL tester who's been temporarily drafted onto the security team) posted an interesting piece about the new BCL registry security support on the BCL blog . While the title mentions RegistryPermission, the post is actually
Posted by shawnfa | 2 Comments
Filed under: ,
Thursday, January 05, 2006 9:30 AM

RSACryptoServiceProvider::Encrypt Does Not Provide Deterministic Output

On one of our internal mailing lists, someone was recently surprised that calling RSACryptoServiceProvider::Encrypt on the same bytes with the same instance of the RSA object resulted in two completely different output bytes arrays. The reason is that
Posted by shawnfa | 2 Comments
Filed under: ,
Thursday, January 05, 2006 7:00 AM

Debugging ADMHost

A few people have noticed that the ADMHost sample is not set up to do mixed mode debugging by default. If you're working with this sample and you'd like to debug through both halves of the host, you'll need to enable this mode. Right click on the ADMHost
Posted by shawnfa | 0 Comments
Filed under:
 
Page view tracker