CLR Security Team CodePlex Site

The CLR Security Team just launched our CodePlex site: http://www.codeplex.com/clrsecurity.  Currently, it contains two assemblies that provide additional functionality to the security APIs shipped in v3.5 of the .NET Framework. We’d love your feedback on the currently offered libraries, and also welcome ideas for other libraries you’d like to see on our CodePlex site.  From…

1

FxCop Transparency Rules

The FxCop team has just announced the availability of RC 1 of FxCop 1.35.  Notable in this release is the introduction of the first three rules around security transparency.  Namely, you’ll see: SecurityTransparentAssembliesShouldNotContainSecurityCriticalCode – fires when an assembly which is marked transparent contains any code which is marked critical. SecurityTransparentCodeShouldNotAssert – fires when a block…

1

Debugging a Partial Trust ClickOnce Application

Although the theory is that by the time we deploy a finished application it’s already fully debugged we all know that in practice things rarely go that smoothly.  So what happens if you deploy a partial trust ClickOnce application that starts to crash when it’s run?  Well, if you’re lucky enough to have the problematic application stay…

3

Debugging ADMHost

A few people have noticed that the ADMHost sample is not set up to do mixed mode debugging by default.  If you’re working with this sample and you’d like to debug through both halves of the host, you’ll need to enable this mode. Right click on the ADMHost project and open the properties window Set…

0

Finding the Source Code for an Assembly

Sometimes, especially when working on large projects (such as, I don’t know, say … the CLR), you find yourself debugging a problem where you don’t know where a component is built from.  Depending on the problem, it might be useful to get to the sources of the assembly to help diagnose what the issue is…

2

Debugging Lightweight CodeGen in VS

Haibo just posted about his debugger visualizer for dynamic methods.  This is a pretty sweet piece of code for anyone who uses lightweight code generation and needs to debug the code they’ve emitted.  Basically it adds a visualizer to DynamicMethod objects that enables you to dump out the IL of that method.  (He also explains…

0

IronPython + MDbg = good times

Mike Stall recently completed a project to embed IronPython into the MDbg debugger as an MDbg extension.  IronPython’s hosting interface is pretty slick, in fact it took Mike only 10 steps to get IronPython running inside MDbg and expose the debugger functionality to Python scripts via a variable named Shell. After playing with Mike’s extension…

3

Viewing IL at Debug Time

Last week, I mentioned Yiru’s post on using SOS to see the IL of a dynamically generated method.  Yiru’s post is about lightweight code gen, but the technique she shows is useful for more general purpose managed debugging .  Let’s work through debugging a program that’s supposed to display the number of days between two…

4

Yiru on Debugging LCG

Yiru’s got a great piece up on using SOS to debug code that was emitted using Whidbey’s new Lightweight CodeGen feature.  Debugging any code written at the IL level can be tricky for anyone who doesn’t have Partition III of ECMA committed to mind.  LCG makes it even more fun since the code is generated…

2

Whidbey’s Security Off Model

Although the v1.0 and v1.1 versions of CasPol provided a switch to disable the CLR’s security system, running without CAS enforcement on was never a scenario that we encouraged for obvious reasons.  The choice to disable security was a system wide switch that affected any managed application on any version of the runtime, and made…

17