Debugging Lightweight CodeGen in VS

Haibo just posted about his debugger visualizer for dynamic methods.  This is a pretty sweet piece of code for anyone who uses lightweight code generation and needs to debug the code they’ve emitted.  Basically it adds a visualizer to DynamicMethod objects that enables you to dump out the IL of that method.  (He also explains…


Test Key Signing

One feature that will start to show up on the latest CTP of Whidbey is test key signing — basically delay signing++.  Lets do a quick review of what delay signing is, and then see where test key signing takes over.  Recall a delay signed assembly is one which has a public key associated with…


Using Host Protection

Yesterday we looked at what host protection is and what it does.  Today lets modify the ADMHost sample code so that it disables access to self affecting and external threading operations.  We’ll then attempt to run a bit of code that launches 10 threads. The code that we’ll be hosting is extremely basic — this is…


Host Protection

One of our new Whidbey hosting features is called Host Protection — basically it allows an application hosting the CLR to declare some types of operations off limits for use by hosted code.  This is orthogonal to CAS in that CAS allows an administrator to say what is allowed and a CAS grant set can change…


MSDN Security Issue

The annual MSDN Security Issue is now out, in addition to containing my article on hosting untrusted code, it also has one by Mike on What’s New With Code Access Security in the .NET Framework 2.0.  We worked to make these two articles fit nicely together — Mike focuses on a higher level overview of sandboxing…


Exploring the ADMHost Sample

When I first talked about AppDomainManagers, I mentioned that there were three ways to set them up.  You can either setup an environment block, use some registry keys, or use the unmanaged hosting API.  In most of my samples so far I’ve used the environment variables, and in fact I discourage using the registry keys….


New Security Features in Visual Studio 2005

Brian Johnson has a new article on MSDN about New Security Features in Visual Studio 2005.  Definitely worth a read — he covers a lot of area, from Application Verifier, to ClickOnce, to PermCalc, right on down to unit testing.


Tour the CLR Security Team

Mike and I have been spending time this week meeting with the Visual Developer Security MVPs  — having plenty of discussion about what we can do in future releases of the framework and how CAS relates to some of the rest of Microsoft’s products.  It’s been good finally getting to put faces to people that we’ve exchanged volumes of…