CAS and Native Code

CAS is complicated enough to understand when all of the moving parts are written in managed code (and therefore have all the associated managed meta-information like grant sets, etc).  However, once native code comes into play things can get even more confusing.  Let’s take a look at how CAS works when there’s native code on…


Combining Strong Names with Authenticode

If you want to use both a strong name and Authenticode signature on your assembly (for instance if you need a strong name for strong assembly identity, and your company has a rule requiring Authenticode signatures on all shipped products), then you need to make sure to do these in a specific order. Strong name…


Special Permissions in the SSCLI

Before digging into a pretty clever optimization that the SSCLI makes for certain special permission demands, I want to point out that everything I’m about to cover is an implementation detail. Although this optimization does occur today, we can and will change it for future versions of the CLR (and potentially service packs for the…


How does the CLR figure out Zone evidence?

This week, I’ve had three separate cases where people have wondered why the CLR was assigning seemingly incorrect zone evidence to their assembly, causing their permission sets to be less than what was expected. The quick and dirty answer is that the CLR doesn’t in fact assign zones (with one small exception).  What we do…


What Happens When You Fully Sign a Test Signed Assembly

When an assembly is test signed, the public key used to verify its signature is different from the public key that makes up part of the assembly identity.  So what happens when you take an assembly which is registered as a test signed assembly on your machine and fully sign it? The key here (aren’t…


LinkDemands and InheritenceDemands Occur at JIT Time

We previously saw that the SkipVerification demand for calling a method with unverifiable code occurs at JIT time rather than at runtime.  Two other types of demands also occur at JIT time, LinkDemands and InheritenceDemands.  An InheritenceDemand will occur when the method of the derived class is being JITed, while a LinkDemand occurs when the…


Exploring the ADMHost Sample

When I first talked about AppDomainManagers, I mentioned that there were three ways to set them up.  You can either setup an environment block, use some registry keys, or use the unmanaged hosting API.  In most of my samples so far I’ve used the environment variables, and in fact I discourage using the registry keys….


A Closer Look at the Simple Sandboxed AppDomain

Yesterday we took a look at Whidbey’s new Simple Sandboxing API.  At first glance this API does seem relatively simple, however when you start to look closer at the AppDomain that is created for your sandboxed code, there are a few surprising properties. You might expect that under the covers this API is doing the…


Setting up an AppDomainManager

When I first talked about AppDomainManagers, I mentioned that there were three ways to tell the CLR that you’d like to use the managed hosting infrastructure: The unmanaged hosting API Environment variables APPDOMAIN_MANAGER_ASM and APPDOMAIN_MANAGER_TYPE A set of registry keys Of these three, which one should you pick?  Obviously the unmanaged hosting API is only…


Whidbey’s Security Off Model

Although the v1.0 and v1.1 versions of CasPol provided a switch to disable the CLR’s security system, running without CAS enforcement on was never a scenario that we encouraged for obvious reasons.  The choice to disable security was a system wide switch that affected any managed application on any version of the runtime, and made…