Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Under the Hood   (RSS)
Tuesday, March 04, 2008 10:27 AM

CAS and Native Code

CAS is complicated enough to understand when all of the moving parts are written in managed code (and therefore have all the associated managed meta-information like grant sets, etc). However, once native code comes into play things can get even more
Posted by shawnfa | 0 Comments
Filed under: , ,
Wednesday, January 10, 2007 10:32 AM

Combining Strong Names with Authenticode

If you want to use both a strong name and Authenticode signature on your assembly (for instance if you need a strong name for strong assembly identity, and your company has a rule requiring Authenticode signatures on all shipped products), then you need
Posted by shawnfa | 6 Comments
Tuesday, June 06, 2006 9:00 AM

Special Permissions in the SSCLI

Before digging into a pretty clever optimization that the SSCLI makes for certain special permission demands, I want to point out that everything I’m about to cover is an implementation detail. Although this optimization does occur today, we can and will
Posted by shawnfa | 2 Comments
Friday, May 12, 2006 1:14 PM

How does the CLR figure out Zone evidence?

This week, I've had three separate cases where people have wondered why the CLR was assigning seemingly incorrect zone evidence to their assembly, causing their permission sets to be less than what was expected. The quick and dirty answer is that the
Posted by shawnfa | 3 Comments
Filed under: ,
Monday, April 03, 2006 2:44 PM

What Happens When You Fully Sign a Test Signed Assembly

When an assembly is test signed , the public key used to verify its signature is different from the public key that makes up part of the assembly identity. So what happens when you take an assembly which is registered as a test signed assembly on your
Posted by shawnfa | 3 Comments
Wednesday, January 11, 2006 11:55 AM

LinkDemands and InheritenceDemands Occur at JIT Time

We previously saw that the SkipVerification demand for calling a method with unverifiable code occurs at JIT time rather than at runtime. Two other types of demands also occur at JIT time, LinkDemands and InheritenceDemands. An InheritenceDemand will
Posted by shawnfa | 3 Comments
Filed under: ,
Thursday, October 06, 2005 3:10 PM

Exploring the ADMHost Sample

When I first talked about AppDomainManagers , I mentioned that there were three ways to set them up. You can either setup an environment block, use some registry keys, or use the unmanaged hosting API. In most of my samples so far I've used the environment
Posted by shawnfa | 0 Comments
Filed under: ,
Tuesday, August 09, 2005 12:02 PM

A Closer Look at the Simple Sandboxed AppDomain

Yesterday we took a look at Whidbey's new Simple Sandboxing API . At first glance this API does seem relatively simple, however when you start to look closer at the AppDomain that is created for your sandboxed code, there are a few surprising properties.
Posted by shawnfa | 3 Comments
Thursday, July 21, 2005 5:34 PM

Setting up an AppDomainManager

When I first talked about AppDomainManagers , I mentioned that there were three ways to tell the CLR that you'd like to use the managed hosting infrastructure: The unmanaged hosting API Environment variables APPDOMAIN_MANAGER_ASM and APPDOMAIN_MANAGER_TYPE
Posted by shawnfa | 5 Comments
Filed under: ,
Thursday, April 28, 2005 8:03 AM

Whidbey's Security Off Model

Although the v1.0 and v1.1 versions of CasPol provided a switch to disable the CLR's security system, running without CAS enforcement on was never a scenario that we encouraged for obvious reasons. The choice to disable security was a system wide switch
Posted by shawnfa | 17 Comments
Tuesday, March 22, 2005 7:58 PM

Safely Impersonating Another User

Yesterday I posted a bit of code that shows how to impersonate another user in managed code. However, that code had a subtle security hole waiting to bite you if you used it directly. Both Dean and Eric found the problem. In fact Eric reminded me of a
Posted by shawnfa | 17 Comments
Tuesday, March 08, 2005 12:31 PM

When is ReflectionPermission Needed?

Reflection and its interaction with security can sometimes be a bit of a confusing matter. The easiest portion to figure out is the permissions needed to use Reflection.Emit. In order to do anything with the reflection emit feature, you'll need to have
Posted by shawnfa | 11 Comments
Monday, February 28, 2005 5:12 PM

The Difference Between the Strong Name Hash and Hash Evidence

The System.Security.Policy.Hash class allows you to make security decisions based upon the hash of an assembly using the HashMembershipCondition . That sounds awfully similar to how strong names are calculated ... According to ECMA partition II section
Posted by shawnfa | 5 Comments
Wednesday, January 26, 2005 3:11 PM

Finding the Raw Strong Name Signature

Wow ... there's been lots of interest in signatures lately :-) In response to my last post about reserving a larger section of the PE file for the signature when you create a signature with a larger key, William wants to know if you can extract the actual
Posted by shawnfa | 5 Comments
Tuesday, January 25, 2005 1:59 PM

Shri Starts Blogging

Shri started up a blog today , joining David as members of the JIT team on MSDN blogs. His first post is on how the x86 JIT implements a tail call ... and why its not as fast as it could be. Now that Shri has a blog, the percentage of people in my hallway
Posted by shawnfa | 0 Comments
Filed under:
More Posts Next page »
 
Page view tracker