David Starts Blogging

David Notario has started up a blog … he’s one of the x86 JIT devs, and (since his office is right next door), is always the guy I go to when I need an issue about how the x86 JIT or the x86 JIT verifier works.  His first post covers the phases of JIT compilation…

Easily Creating a StrongNameMembershipCondition for an Assembly

Taking a break from sandboxing in an AppDomain for a minute, let’s take a look at another aspect of policy.  One situation that comes up very frequently when trying to execute code in a limited-trust sandbox is that there are some assemblies that you do trust; however, they’re being limited by the sandbox.  The best…

Creating an AppDomain with limited permissions

Oftentimes in an application, it’s necessary to run untrusted code.  The CLR lets you do this safely by placing the code in its own AppDomain and sandboxing the AppDomain to have a limited set of permissions.  Usually setting up the AppDomain with the Internet permission set allows you to feel confident in executing arbitrary managed…

Getting the Current Permissions in a Named Permission Set

There are several named permission sets defined by default in the CLR security policy: FullTrust, SkipVerification, Execution, Nothing, LocalIntranet, Internet, and Everything.  These sets are used to create the default policy; however, there’s nothing stopping any user from modifying them (adding or removing permissions, for instance), or creating their own named permission sets.  Sometimes it’s useful…

The Locations of the Other Policy Levels

On Monday I wrote about how to recover CasPol to a usable state, if you’ve modified the security policy to disallow CasPol permission to run.  My instructions included deleting %WINDIR%\Microsoft.Net\Framework\vx.y.zzzz\config\Security.config and Security.cch.  I’ve gotten a few emails that correctly pointed out that this only clears the Machine policy level.  Since this is the level where…

I’m Published!

The November 2004 issue of MSDN magazine is available online now, and it includes the first article I’ve ever had published.  I co-authored this month’s Trustworthy Code article, Exchange Data More Securely with XML Digital Signatures and Encryption with Mike Downen, the CLR Security PM.  Time to head out to the local bookstore and pick…

What to do when CasPol throws SecurityExceptions

CasPol is written in managed code, and as such is subject to the CLR’s security policy system just like any other piece of managed code.  Generally this is not a problem for it, since it is granted FullTrust by two separate code groups in the default policy, the MyComputer code group and the Microsoft strong…

Grunk Posts on File Canonicalization for FileIOPermission

Brian Grunkemeyer recently posted a good piece on how FileIOPermission deals with file and path canonicalization.  Brian wrote a large chunk of the base class library, and contributed to the SLAR.  It’s a good read if you want to know how FileIOPermission determines if two paths are the same in order to grant or deny…

Does StrongNameSignatureVerificationEx Cache Registry Lookup Results?

I received a question recently about my post on Checking for a Valid Strong Name Signature.  The person was using the code I presented there to run some tests under NUnit.  The format of the tests was to use the Microsoft.Win32.Registry classes to set the skip verification list up, and then call StrongNameSignatureVerificationEx.  However,…

Replacing Calc with Calculator Plus

On my home machine and one of my office machines, I log in as a normal user, and only elevate to an account with admin status when installing software or doing other maintenance.  Needless to say, doing that creates problems with various programs that were written to always assume that the user has administrative access…
